3 matches found
CVE-2019-11632
In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project. These permissions are only used in custom...
ht.opensledmap.org Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-955549 Security Researcher Gh05tPT Helped patch 6901 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting ht.opensledmap.org websit...
CVE-2019-11632
The CVE-2019-11632 issue affects Octopus Deploy versions 2019.1.0–2019.3.1 and 2019.4.0–2019.4.5. An authenticated user who has VariableViewUnscoped or VariableEditUnscoped permissions scoped to a single project can view or edit unscoped variables from a different project. This is tied to the way...