CVE-2022-1670
CVE-2022-1670
When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users.
Productos afectados
Octopus Deploy · Octopus Server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →