Images: Update caution block (#2607)

adriendupuis · adriendupuis · commit 87c44bc1a65a · 2025-02-10T09:34:42.000+01:00
(cherry picked from commit f6f99d7)
diff --git a/docs/content_management/images/images.md b/docs/content_management/images/images.md
@@ -59,11 +59,15 @@ LiipImagineBundle only works on image blobs, so no command line tool is needed.
 
 For more information, see the [bundle's documentation](https://symfony.com/bundles/LiipImagineBundle/current/configuration.html).
 
-!!! caution "Code injection in image EXIF"
+!!! caution "Code injection in images"
 
-    EXIF metadata of an image may contain for example, HTML, JavaScript, or PHP code. 
-    [[= product_name =]] is itself doesn't parse EXIF metadata, but third-party bundles must be secured against this eventuality.
-    Images must be treated like any other user-submitted data - make sure that metadata is properly escaped before use.
+    Images must be treated like any other user-submitted data - as potentially malicious.
+
+    - EXIF metadata of an image may contain for example, HTML, JavaScript, or PHP code.
+      [[= product_name =]] itself doesn't parse EXIF metadata, but third-party bundles must be secured against this eventuality.
+      Make sure that metadata is properly escaped before use.
+    - Images may contain specially crafted flaws that exploit vulnerabilities in common image libraries
+      like GD or Imagick, leading to code execution. It's important to keep these libraries up to date with security updates.
 
 ### Image URL resolution
 
