diff --git a/VERSION b/VERSION
index 0369d0b..bae5c7f 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.21.2
+1.21.3
diff --git a/docs/docs/CHANGELOG.md b/docs/docs/CHANGELOG.md
index 013e228..1827fb9 100644
--- a/docs/docs/CHANGELOG.md
+++ b/docs/docs/CHANGELOG.md
@@ -13,18 +13,24 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 -## v1.21.2: Minfilia Warde - Echo 2 +## v1.21.3: Minfilia Warde - Echo 3 ### Fixes #### Fixes a problem with nonstandard URLs and redirects +Fixes [GHSA-jhjj-2g64-px7c](https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c). + This could allow an attacker to craft an Anubis pass-challenge URL that forces a redirect to nonstandard URLs, such as the `javascript:` scheme which executes arbitrary JavaScript code in a browser context when the user clicks the "Try again" button. This has been fixed by disallowing any URLs without the scheme `http` or `https`. Additionally, the "Try again" button has been fixed to completely ignore the user-supplied redirect location. It now redirects to the home page (`/`). +## v1.21.2: Minfilia Warde - Echo 2 + +This contained an incomplete fix for [GHSA-jhjj-2g64-px7c](https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c). Do not use this version. + ## v1.21.1: Minfilia Warde - Echo 1 - Expired records are now properly removed from bbolt databases ([#848](https://github.com/TecharoHQ/anubis/pull/848)).
diff --git a/package-lock.json b/package-lock.json
index cf22169..35a0a4d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@ { "name": "@techaro/anubis", - "version": "1.21.2", + "version": "1.21.3", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@techaro/anubis", - "version": "1.21.2", + "version": "1.21.3", "license": "ISC", "devDependencies": { "cssnano": "^7.1.0",
diff --git a/package.json b/package.json
index 7ecc849..d3e9b04 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@techaro/anubis",
- "version": "1.21.2",
+ "version": "1.21.3",
 "description": "",
 "main": "index.js",
 "scripts": {