Critical RCE Vulnerability in Discourse

Original release date: October 24, 2021

Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier.

CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.

For more information, see RCE via malicious SNS subscription payload.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next NOBELIUM Attacks on Cloud Services and other Technologies »

Previous « Malware Discovered in Popular NPM Package, ua-parser-js

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems (ICS) advisories on June 5, 2025. These advisories provide…

14 hours ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

2 days ago

Updated Guidance on Play Ransomware

CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security…

3 days ago

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

4 days ago

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of…

5 days ago

US-Cert-Repository

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on May 29, 2025. These advisories provide…

1 week ago

This website uses cookies.