# CiviCRM 5.56.2

Released January 4, 2023

- **[Synopsis](#synopsis)**
- **[Security advisories](#security)**
- **[Credits](#credits)**
- **[Feedback](#feedback)**

## <a name="synopsis"></a>Synopsis

| *Does this version...?*                                         |          |
| --------------------------------------------------------------- | -------- |
| Change the database schema?                                     | no       |
| Alter the API?                                                  | no       |
| Require attention to configuration options?                     | no       |
| Fix problems installing or upgrading to a previous version?     | no       |
| Introduce features?                                             | no       |
| Fix bugs?                                                       | no       |
| **Fix security vulnerabilities?**                               | **yes**  |

## <a name="security"></a>Security advisories

* **[CIVI-SA-2023-01](https://civicrm.org/advisory/civi-sa-2023-01-help-subsystem-rce): RCE via Help Subsystem**
* **[CIVI-SA-2023-02](https://civicrm.org/advisory/civi-sa-2023-02-civievent-xss): XSS via CiviEvent**
* **[CIVI-SA-2023-03](https://civicrm.org/advisory/civi-sa-2023-03-asset-builder-xss): XSS via Asset Builder**

## <a name="credits"></a>Credits

This release was developed by the following authors and reviewers:

Wikimedia Foundation - Eileen McNaughton; John Kingsnorth; JMA Consulting - Seamus Lee;
CiviCRM - Tim Otten; Artful Robot - Rich Lott

## <a name="feedback"></a>Feedback

These release notes are edited by Tim Otten and Andie Hunt.  If you'd like to
provide feedback on them, please login to https://chat.civicrm.org/civicrm and
contact `@agh1`.