spryker · lenadoc · May 15, 2023 · May 15, 2023
diff --git a/...eleases/release-notes/release-notes-202304.0/security-release-notes-202304.0.md b/...eleases/release-notes/release-notes-202304.0/security-release-notes-202304.0.md
@@ -20,12 +20,18 @@ An attacker can inject malicious code in functionalities of the Spryker applicat
 
 ### How to get the fix
 
-Update the affected module `spryker/propel` to version 3.38.0:
+If the version of `spryker/propel` module is 3.35.0 up to and including 3.37.0, update it to version 3.38.0:
 ```bash
 composer require spryker/propel:"~3.38.0"
 composer show spryker/propel # Verify the version
 ```
 
+If the version of `spryker/propel` module is earlier than 3.35.0, update it to version 3.34.3:
+```bash
+composer require spryker/propel:"~3.34.3"
+composer show spryker/propel # Verify the version
+```
+
 ## Stored Cross-Site Scripting (XSS) in Marketplace
 
 An attacker can inject malicious payloads into the merchant profile page in the Merchant portal that's executed in the Back Office. This vulnerability lets an attacker execute code in the context of the Back Office user.
@@ -472,4 +478,4 @@ image:
 // PHP 8.0
 image:
    tag: spryker/php:8.0 or spryker/php:8.0-alpine3.16
-```
+```