Critical RCE Vulnerability in Discourse

Original release date: October 24, 2021

Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier.

CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.

For more information, see RCE via malicious SNS subscription payload.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next NOBELIUM Attacks on Cloud Services and other Technologies »

Previous « Malware Discovered in Popular NPM Package, ua-parser-js

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

13 hours ago

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide…

2 days ago

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide…

3 days ago

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

4 days ago

Joint Advisory Issued on Protecting Against Interlock Ransomware

CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and…

5 days ago

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…

6 days ago

This website uses cookies.