First published: Wed May 04 2022(Updated: )
Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions.
Credit: security@octopus.com security@octopus.com
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Server | >=2021.3<2021.3.12725 | |
Octopus Server | >=2022.1<2022.1.2454 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.