CVE-2018-5706
CVE-2018-5706 affects Octopus Deploy before 4.1.9. A user with editing permissions can modify teams using RoleEdit/TeamEdit to grant themselves Administer System privileges, even if not originally authorized. The CNVD/CNVD-2018-04332 entry confirms this elevation-of-privilege path and cites versi...