Vulnerability Details CVE-2017-16801
Cross-site scripting (XSS) vulnerability in Octopus Deploy 3.7.0-3.17.13 (fixed in 3.17.14) allows remote authenticated users to inject arbitrary web script or HTML via the Step Template Name parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.7%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2017-16801
-
cpe:2.3:a:octopus:octopus_deploy:3.10.0
-
cpe:2.3:a:octopus:octopus_deploy:3.10.1
-
cpe:2.3:a:octopus:octopus_deploy:3.11
-
cpe:2.3:a:octopus:octopus_deploy:3.11.0
-
cpe:2.3:a:octopus:octopus_deploy:3.11.1
-
cpe:2.3:a:octopus:octopus_deploy:3.11.10
-
cpe:2.3:a:octopus:octopus_deploy:3.11.11
-
cpe:2.3:a:octopus:octopus_deploy:3.11.12
-
cpe:2.3:a:octopus:octopus_deploy:3.11.13
-
cpe:2.3:a:octopus:octopus_deploy:3.11.14
-
cpe:2.3:a:octopus:octopus_deploy:3.11.15
-
cpe:2.3:a:octopus:octopus_deploy:3.11.16
-
cpe:2.3:a:octopus:octopus_deploy:3.11.17
-
cpe:2.3:a:octopus:octopus_deploy:3.11.18
-
cpe:2.3:a:octopus:octopus_deploy:3.11.2
-
cpe:2.3:a:octopus:octopus_deploy:3.11.3
-
cpe:2.3:a:octopus:octopus_deploy:3.11.4
-
cpe:2.3:a:octopus:octopus_deploy:3.11.5
-
cpe:2.3:a:octopus:octopus_deploy:3.11.6
-
cpe:2.3:a:octopus:octopus_deploy:3.11.7
-
cpe:2.3:a:octopus:octopus_deploy:3.11.9
-
cpe:2.3:a:octopus:octopus_deploy:3.12
-
cpe:2.3:a:octopus:octopus_deploy:3.12.0
-
cpe:2.3:a:octopus:octopus_deploy:3.12.1
-
cpe:2.3:a:octopus:octopus_deploy:3.12.2
-
cpe:2.3:a:octopus:octopus_deploy:3.12.3
-
cpe:2.3:a:octopus:octopus_deploy:3.12.4
-
cpe:2.3:a:octopus:octopus_deploy:3.12.5
-
cpe:2.3:a:octopus:octopus_deploy:3.12.6
-
cpe:2.3:a:octopus:octopus_deploy:3.12.7
-
cpe:2.3:a:octopus:octopus_deploy:3.12.8
-
cpe:2.3:a:octopus:octopus_deploy:3.12.9
-
cpe:2.3:a:octopus:octopus_deploy:3.13
-
cpe:2.3:a:octopus:octopus_deploy:3.13.0
-
cpe:2.3:a:octopus:octopus_deploy:3.13.1
-
cpe:2.3:a:octopus:octopus_deploy:3.13.10
-
cpe:2.3:a:octopus:octopus_deploy:3.13.2
-
cpe:2.3:a:octopus:octopus_deploy:3.13.3
-
cpe:2.3:a:octopus:octopus_deploy:3.13.5
-
cpe:2.3:a:octopus:octopus_deploy:3.13.6
-
cpe:2.3:a:octopus:octopus_deploy:3.13.7
-
cpe:2.3:a:octopus:octopus_deploy:3.13.8
-
cpe:2.3:a:octopus:octopus_deploy:3.13.9
-
cpe:2.3:a:octopus:octopus_deploy:3.14
-
cpe:2.3:a:octopus:octopus_deploy:3.14.1
-
cpe:2.3:a:octopus:octopus_deploy:3.14.15
-
cpe:2.3:a:octopus:octopus_deploy:3.14.159
-
cpe:2.3:a:octopus:octopus_deploy:3.14.1592
-
cpe:2.3:a:octopus:octopus_deploy:3.14.15926
-
cpe:2.3:a:octopus:octopus_deploy:3.15
-
cpe:2.3:a:octopus:octopus_deploy:3.15.0
-
cpe:2.3:a:octopus:octopus_deploy:3.15.1
-
cpe:2.3:a:octopus:octopus_deploy:3.15.2
-
cpe:2.3:a:octopus:octopus_deploy:3.15.3
-
cpe:2.3:a:octopus:octopus_deploy:3.15.4
-
cpe:2.3:a:octopus:octopus_deploy:3.15.5
-
cpe:2.3:a:octopus:octopus_deploy:3.15.6
-
cpe:2.3:a:octopus:octopus_deploy:3.15.7
-
cpe:2.3:a:octopus:octopus_deploy:3.15.8
-
cpe:2.3:a:octopus:octopus_deploy:3.16
-
cpe:2.3:a:octopus:octopus_deploy:3.16.0
-
cpe:2.3:a:octopus:octopus_deploy:3.16.1
-
cpe:2.3:a:octopus:octopus_deploy:3.16.2
-
cpe:2.3:a:octopus:octopus_deploy:3.16.3
-
cpe:2.3:a:octopus:octopus_deploy:3.16.4
-
cpe:2.3:a:octopus:octopus_deploy:3.16.5
-
cpe:2.3:a:octopus:octopus_deploy:3.16.6
-
cpe:2.3:a:octopus:octopus_deploy:3.16.7
-
cpe:2.3:a:octopus:octopus_deploy:3.17
-
cpe:2.3:a:octopus:octopus_deploy:3.17.0
-
cpe:2.3:a:octopus:octopus_deploy:3.17.1
-
cpe:2.3:a:octopus:octopus_deploy:3.17.2
-
cpe:2.3:a:octopus:octopus_deploy:3.17.3
-
cpe:2.3:a:octopus:octopus_deploy:3.7.0
-
cpe:2.3:a:octopus:octopus_deploy:3.7.1
-
cpe:2.3:a:octopus:octopus_deploy:3.7.10
-
cpe:2.3:a:octopus:octopus_deploy:3.7.11
-
cpe:2.3:a:octopus:octopus_deploy:3.7.12
-
cpe:2.3:a:octopus:octopus_deploy:3.7.13
-
cpe:2.3:a:octopus:octopus_deploy:3.7.14
-
cpe:2.3:a:octopus:octopus_deploy:3.7.15
-
cpe:2.3:a:octopus:octopus_deploy:3.7.16
-
cpe:2.3:a:octopus:octopus_deploy:3.7.17
-
cpe:2.3:a:octopus:octopus_deploy:3.7.18
-
cpe:2.3:a:octopus:octopus_deploy:3.7.2
-
cpe:2.3:a:octopus:octopus_deploy:3.7.3
-
cpe:2.3:a:octopus:octopus_deploy:3.7.4
-
cpe:2.3:a:octopus:octopus_deploy:3.7.5
-
cpe:2.3:a:octopus:octopus_deploy:3.7.6
-
cpe:2.3:a:octopus:octopus_deploy:3.7.7
-
cpe:2.3:a:octopus:octopus_deploy:3.7.8
-
cpe:2.3:a:octopus:octopus_deploy:3.7.9
-
cpe:2.3:a:octopus:octopus_deploy:3.8
-
cpe:2.3:a:octopus:octopus_deploy:3.8.0
-
cpe:2.3:a:octopus:octopus_deploy:3.8.1
-
cpe:2.3:a:octopus:octopus_deploy:3.8.2
-
cpe:2.3:a:octopus:octopus_deploy:3.8.3
-
cpe:2.3:a:octopus:octopus_deploy:3.8.4
-
cpe:2.3:a:octopus:octopus_deploy:3.8.5
-
cpe:2.3:a:octopus:octopus_deploy:3.8.6
-
cpe:2.3:a:octopus:octopus_deploy:3.8.7
-
cpe:2.3:a:octopus:octopus_deploy:3.8.8
-
cpe:2.3:a:octopus:octopus_deploy:3.8.9
-
cpe:2.3:a:octopus:octopus_deploy:3.9
-
cpe:2.3:a:octopus:octopus_deploy:3.9.0