Update 0.3.8.md

website/docs/changelog/0.3.8.md

@@ -9,10 +9,10 @@ Not yet released.
 ### 🐛 Bug fixes
 - [Openpanel dashboard - FTP Accounts listed twice #292](https://github.com/stefanpejcic/OpenPanel/issues/292)
 - [Openpanel - Email - manage adding filters #290](https://github.com/stefanpejcic/OpenPanel/issues/290)
+- [Implement CSRF protection on all forms #272](https://github.com/stefanpejcic/OpenPanel/issues/272)
 
 
 ### 💅 Polish
-- `x-csrftoken` is added to all forms on the OpenAdmin interface for [CSRF](https://portswigger.net/web-security/csrf) protection.
 - Redesigned OpenAdmin Dashboard page.
 - Suspending user will now redirect all their domains to custom [suspended_user.html](https://github.com/stefanpejcic/openpanel-configuration/blob/main/nginx/suspended_user.html) template.
 - OpenPanel can now be updated [directly from Github](/docs/admin/intro/#manual-updates).
@@ -24,5 +24,6 @@ Not yet released.
 - The 'OpenAdmin > Domains' section will now display the **SSL status**, whether the **domain is suspended**, and the **force HTTPS** option for each domain.
 - On 'OpenAdmin > Dashboard > System Information widget' update badge will be displayed when new OpenPanel version is available.
 - Adding license key on 'OpenAdmin > License' will no longer restart OpenAdmin but prompt user to restart.
+- `x-csrftoken` is added to all forms on the OpenAdmin interface for [CSRF](https://portswigger.net/web-security/csrf) protection.
 - `--no-restart` flag is added to the [opencli license command](https://dev.openpanel.com/cli/license.html).
 - 'OpenAdmin > Dashboard' page will now use [Github](https://raw.githubusercontent.com/stefanpejcic/OpenPanel/refs/heads/main/version/latest) API to check the latest OpenPanel version.