Octopus: >> Octopus Server >> 2024.1.437 Security Vulnerabilities
In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the task log in clear-text.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-07-25
In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts.
CVSS Score
2.2
EPSS Score
0.003
Published
2024-07-25
In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting payload on the audit page.
CVSS Score
4.1
EPSS Score
0.003
Published
2024-05-08
A race condition was identified through which privilege escalation was possible in certain configurations.
CVSS Score
8.8
EPSS Score
0.004
Published
2024-04-09
Page 2