Images: Update caution block (#2607)

(cherry picked from commit f6f99d7)

Author: adriendupuis

docs/guide/images/images.md

@@ -71,14 +71,15 @@ They are generated only once and cleared on demand, for example, on content remo
 LiipImagineBundle only works on image blobs, so no command line tool is needed. 
 For more information, see the [bundle's documentation](https://symfony.com/doc/current/bundles/LiipImagineBundle/configuration.html).
 
-!!! caution "Code injection in image EXIF"
-
-    EXIF metadata of an image may contain for example, HTML, JavaScript, 
-    or PHP code. 
-    [[= product_name =]] is itself does not parse EXIF metadata, but third-party 
-    bundles must be secured against this eventuality. 
-    Images must be treated like any other user-submitted data - make sure that 
-    metadata is properly escaped before use.
+!!! caution "Code injection in images"
+
+    Images must be treated like any other user-submitted data - as potentially malicious.
+
+    - EXIF metadata of an image may contain for example, HTML, JavaScript, or PHP code.
+      [[= product_name =]] itself doesn't parse EXIF metadata, but third-party bundles must be secured against this eventuality.
+      Make sure that metadata is properly escaped before use.
+    - Images may contain specially crafted flaws that exploit vulnerabilities in common image libraries
+      like GD or Imagick, leading to code execution. It's important to keep these libraries up to date with security updates.
 
 ### Image URL resolution