Use of Web Browser Cache Containing Sensitive Information in Discourse - CVE-2021-41271
Published: November 15, 2021 / Updated: July 1, 2026
Discourse
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper cache control in intermediate proxy caching behavior when handling a maliciously formed request. A remote attacker can send a specially crafted request to cause a denial of service.
The issue can cause an error response to be cached by intermediate proxies.