2 matches found
CVE-2022-29890
In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link...
CVE-2022-29890
CVE-2022-29890 affects Octopus Server. The issue: the help sidebar can be customized to include a Cross-Site Scripting payload in the support link, enabling potential user-interaction-based abuse. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) yields a base score of 6.1 (MEDIUM). Conne...