CISA: Critical RCE Vulnerability in Discourse

Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier.

CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.

Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency