In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link.
2022-07-15T08:15:07.557
2024-11-21T06:59:54.920
Modified
CVSSv3.1: 6.1 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | octopus | octopus_server | < 2021.3.13021 | Yes |
| Application | octopus | octopus_server | < 2022.1.2849 | Yes |
| Application | octopus | octopus_server | < 2022.3.2387 | Yes |
| Application | octopus | octopus_server | 2022.2.6729 | Yes |