Categories: US-Cert-Repository

Critical RCE Vulnerability in Discourse



Original release date: October 24, 2021

Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier. 

CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds. 

For more information, see RCE via malicious SNS subscription payload.

This product is provided subject to this Notification and this Privacy & Use policy.



Source link

admin

Leave a Comment
Share
Published by
admin
4 years ago

Recent Posts

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

20 hours ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

6 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

1 week ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2026-3502 TrueConf Client…

2 weeks ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

This website uses cookies.