From 2814a8e9513de2d196ae61c2373983030ed86aa9 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens@goauthentik.io>
Date: Tue, 21 Nov 2023 18:13:41 +0100
Subject: [PATCH] website/docs: add CVE-2023-48228 to release notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 website/docs/releases/2023/v2023.10.md | 1 +
 website/docs/releases/2023/v2023.8.md  | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/website/docs/releases/2023/v2023.10.md b/website/docs/releases/2023/v2023.10.md
index 6adfbf0d4..a1f74470c 100644
--- a/website/docs/releases/2023/v2023.10.md
+++ b/website/docs/releases/2023/v2023.10.md
@@ -161,6 +161,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10
 -   providers/proxy: Fix duplicate cookies when using file system store. (cherry-pick #7541) (#7544)
 -   providers/scim: fix missing schemas attribute for User and Group (cherry-pick #7477) (#7596)
 -   root: specify node and python versions in respective config files, deduplicate in CI (#7620)
+-   security: fix [CVE-2023-48228](../../security/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
 -   stages/email: use uuid for email confirmation token instead of username (cherry-pick #7581) (#7584)
 -   web/admin: fix admins not able to delete MFA devices (#7660)
 
diff --git a/website/docs/releases/2023/v2023.8.md b/website/docs/releases/2023/v2023.8.md
index fc74e70e4..476a03caa 100644
--- a/website/docs/releases/2023/v2023.8.md
+++ b/website/docs/releases/2023/v2023.8.md
@@ -157,7 +157,11 @@ image:
 
 ## Fixed in 2023.8.4
 
--   \*: fix [GHSA-rjvp-29xq-f62w](../security/GHSA-rjvp-29xq-f62w), Reported by [@devSparkle](https://github.com/devSparkle)
+-   security: fix [GHSA-rjvp-29xq-f62w](../security/GHSA-rjvp-29xq-f62w), Reported by [@devSparkle](https://github.com/devSparkle)
+
+## Fixed in 2023.8.5
+
+-   security: fix [CVE-2023-48228](../../security/CVE-2023-48228.md), Reported by [@Sapd](https://github.com/Sapd) (#7666)
 
 ## API Changes