diff --git a/website/docs/releases/2023/v2023.10.md b/website/docs/releases/2023/v2023.10.md
index 6adfbf0d4..a1f74470c 100644
--- a/website/docs/releases/2023/v2023.10.md
+++ b/website/docs/releases/2023/v2023.10.md
@@ -161,6 +161,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10
 -   providers/proxy: Fix duplicate cookies when using file system store. (cherry-pick #7541) (#7544)
 -   providers/scim: fix missing schemas attribute for User and Group (cherry-pick #7477) (#7596)
 -   root: specify node and python versions in respective config files, deduplicate in CI (#7620)
+-   security: fix [CVE-2023-48228](../../security/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
 -   stages/email: use uuid for email confirmation token instead of username (cherry-pick #7581) (#7584)
 -   web/admin: fix admins not able to delete MFA devices (#7660)
 
diff --git a/website/docs/releases/2023/v2023.8.md b/website/docs/releases/2023/v2023.8.md
index fc74e70e4..476a03caa 100644
--- a/website/docs/releases/2023/v2023.8.md
+++ b/website/docs/releases/2023/v2023.8.md
@@ -157,7 +157,11 @@ image:
 
 ## Fixed in 2023.8.4
 
--   \*: fix [GHSA-rjvp-29xq-f62w](../security/GHSA-rjvp-29xq-f62w), Reported by [@devSparkle](https://github.com/devSparkle)
+-   security: fix [GHSA-rjvp-29xq-f62w](../security/GHSA-rjvp-29xq-f62w), Reported by [@devSparkle](https://github.com/devSparkle)
+
+## Fixed in 2023.8.5
+
+-   security: fix [CVE-2023-48228](../../security/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
 
 ## API Changes