Anjelikasah

Researcher fromBugcrowd
#17736of 53,633
15.1Total CVSS
Vulnerabilities · 3
Medium
3
PT-2023-12707
4.3
2023-03-13
Unknown · Octopus Deploy · CVE-2022-2258
**Name of the Vulnerable Software and Affected Versions** Octopus Deploy (affected versions not specified) **Description** The issue allows a user to view Tagsets without having explicit permissions to do so. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2023-12708
4.3
2023-03-13
Unknown · Octopus Deploy · CVE-2022-2259
**Name of the Vulnerable Software and Affected Versions** Octopus Deploy (affected versions not specified) **Description** The issue allows a user to view Workerpools without having explicit permissions to do so. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-18934
6.5
2022-10-13
Unknown · Octopus Server · CVE-2022-2828
**Name of the Vulnerable Software and Affected Versions** Octopus Server (affected versions not specified) **Description** The issue allows revealing information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.