2 matches found
CVE-2017-16810
Cross-site scripting XSS vulnerability in the All Variables tab in Octopus Deploy 3.4.0-3.13.6 fixed in 3.13.7 allows remote attackers to inject arbitrary web script or HTML via the Variable Set Name parameter...
CVE-2017-16810
CVE-2017-16810 describes a cross-site scripting (XSS) vulnerability in the Octopus Deploy All Variables tab. The issue affects Octopus Deploy versions 3.4.0 through 3.13.6 and is fixed in version 3.13.7. The vulnerability allows remote attackers to inject arbitrary web script or HTML through the ...