Vulnerability CVE-2024-4226


Published: 2024-04-30

Description:
It was identified that in certain versions of Octopus Server, that a user created with no permissions could view all users, user roles and permissions. This functionality was removed in versions of Octopus Server after the fixed versions listed.

 References:
https://advisories.octopus.com/post/2024/SA2024-03/

Copyright 2026, cxsecurity.com

 

Back to Top