Critical RCE Vulnerability in Discourse

Original release date: October 24, 2021

Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier.

CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.

For more information, see RCE via malicious SNS subscription payload.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next NOBELIUM Attacks on Cloud Services and other Technologies »

Previous « Malware Discovered in Popular NPM Package, ua-parser-js

Vulnerability in Microsoft Outlook 2002

Systems Affected Systems running Microsoft Office XP and Outlook 2002 Overview There…

8 hours ago

Multiple Vulnerabilities in OpenSSL

Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …

1 day ago

Continuing Threats to Home Users

Systems Affected Continuing Threats to Home Users View Previous Alerts Alert (SA04-079A) Continuing Threats…

2 days ago

Cross-Domain Vulnerability in Outlook Express MHTML Protocol Handler

Systems Affected Microsoft Windows systems Overview A cross-domain vulnerability in the Outlook…

3 days ago

Summary of Windows Security Updates for April 2004

Systems Affected Systems running Microsoft Windows Overview There are multiple vulnerabilities in…

4 days ago

US-Cert-Repository

Multiple Vulnerabilities in Microsoft Products

Systems Affected Microsoft Windows Operating Systems Microsoft Windows Remote Procedure Call (RPC) and Distributed…

5 days ago

This website uses cookies.