Changelog for URL cleaner improvement

jhy · jhy · commit d2d9ac341dbd · 2022-08-24T10:08:31.000+10:00
SHA - 4ea768d
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,10 @@
 jsoup changelog
 
-Release 1.15.3 [PENDING]
+Release 1.15.3 [2022-Aug-24]
+  * Security: fixed an issue where the jsoup cleaner may incorrectly sanitize crafted XSS attempts if
+    SafeList.preserveRelativeLinks is enabled.
+    <https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369>
+
   * Improvement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the
     original parse.
 
