diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 585fec98012..b4642c7fd33 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -120,6 +120,8 @@ public function boot()
 			// We only do that in that specific case. It is disabled by default otherwise.
 			config(['secure-headers.csp.script-src.unsafe-eval' => true]);
 			config(['secure-headers.csp.script-src.unsafe-inline' => true]);
+			config(['secure-headers.csp.script-src.unsafe-inline' => true]);
+			config(['secure-headers.csp.script-src.hashes.sha256' => []]);
 
 			// Allow to bypass when debug is ON and when env is dev
 			// At this point, it is no longer our fault if the Lychee admin have their logs publically accessible.
diff --git a/database/migrations/2023_05_21_225616_bump_version040902.php b/database/migrations/2023_05_21_225616_bump_version040902.php
new file mode 100644
index 00000000000..93bb1278bb3
--- /dev/null
+++ b/database/migrations/2023_05_21_225616_bump_version040902.php
@@ -0,0 +1,26 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Support\Facades\DB;
+
+return new class() extends Migration {
+	/**
+	 * Run the migrations.
+	 *
+	 * @return void
+	 */
+	public function up(): void
+	{
+		DB::table('configs')->where('key', 'version')->update(['value' => '040902']);
+	}
+
+	/**
+	 * Reverse the migrations.
+	 *
+	 * @return void
+	 */
+	public function down(): void
+	{
+		DB::table('configs')->where('key', 'version')->update(['value' => '040901']);
+	}
+};
diff --git a/version.md b/version.md
index 1f1ac7c2f33..b550c72a11d 100644
--- a/version.md
+++ b/version.md
@@ -1 +1 @@
-4.9.1
\ No newline at end of file
+4.9.2
\ No newline at end of file