Octopus Deploy · Octopus Deploy · CVE-2020-26161
**Name of the Vulnerable Software and Affected Versions**
Octopus Deploy versions through 2020.4.2
**Description**
An issue exists where an attacker could redirect users to an external site via a modified HTTP Host header.
**Recommendations**
For versions through 2020.4.2, update to a version later than 2020.4.2 to resolve the issue.