Critical RCE Vulnerability in Discourse

Original release date: October 24, 2021

Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier.

CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.

For more information, see RCE via malicious SNS subscription payload.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next NOBELIUM Attacks on Cloud Services and other Technologies »

Previous « Malware Discovered in Popular NPM Package, ua-parser-js

CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices

Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices…

2 hours ago

Widespread Supply Chain Compromise Impacting npm Ecosystem

CISA is releasing this Alert to provide guidance in response to a widespread software supply…

1 day ago

CISA Releases Advisory on Lessons Learned from an Incident Response Engagement

Today, CISA released a cybersecurity advisory detailing lessons learned from an incident response engagement following…

2 days ago

SonicWall Releases Advisory for Customers after Security Incident

SonicWall released a security advisory to assist their customers with protecting systems impacted by the…

3 days ago

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems (ICS) advisories on September 18, 2025. These advisories provide…

6 days ago

CISA Releases Malware Analysis Report on Malicious Listener Targeting Ivanti Endpoint Manager Mobile Systems

Today, CISA released a Malware Analysis Report detailing the functionality of two sets of malware…

1 week ago

This website uses cookies.