Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier.
CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.
For more information, see RCE via malicious SNS subscription payload.
Support the originator by clicking the read the rest link below.