Nick Josevski

**Name of the Vulnerable Software and Affected Versions** Octopus Deploy versions prior to 2020.1.5 **Description** The issue allows an authenticated user to escalate privileges in certain configurations, specifically for customers running on-premises Active Directory linked to their Octopus server. **Recommendations** For versions prior to 2020.1.5, update to version 2020.1.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Octopus versions prior to 3.17.7 **Description** The issue allows an authenticated user with the permission to invite new users to invite users to teams with escalated privileges. **Recommendations** For versions prior to 3.17.7, update to version 3.17.7 or later to resolve the issue.