Security Advisory

CVE-2022-1881

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-15 07:40:10

Last updated 2024-08-03 00:17:00

Assigner Octopus

State PUBLISHED

Description

In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space.

← Browse all CVEs View on cve.org ↗