CVE-2021-32764 : Exploit Details and Defense Strategies
Discourse versions prior to 2.7.6 are vulnerable to XSS attacks through YouTube Oneboxes. Learn about the impact, affected systems, and mitigation steps for CVE-2021-32764.
Discourse, an open-source discussion platform, is vulnerable to XSS attacks in versions prior to 2.7.6. This CVE allows attackers to exploit the parsing and rendering of YouTube Oneboxes on sites with modified or disabled Content Security Policies.