Vulnerabilities
Vulnerable Software
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan.
CVSS Score
2.6
EPSS Score
0.002
Published
2024-08-21
In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts.
CVSS Score
2.2
EPSS Score
0.002
Published
2024-07-25
In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting payload on the audit page.
CVSS Score
4.1
EPSS Score
0.003
Published
2024-05-08
It is possible for an API key to be logged in clear text in the audit log file after an invalid login attempt.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-04-18
A race condition was identified through which privilege escalation was possible in certain configurations.
CVSS Score
8.8
EPSS Score
0.004
Published
2024-04-09


Contact Us

Shodan ® - All rights reserved