In affected versions of Octopus Deploy it is possible to discover network details via error message
5.3CVSS
5.3AI Score
0.0005EPSS
In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link. This was initially resolved in advisory 2022-07 however it was identified that the fix could be bypassed in certain circumstances. A different approach was taken ...
5.4CVSS
5.1AI Score
0.001EPSS
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server.
7.5CVSS
5.8AI Score
0.001EPSS