cvedb.io
CVE-2022-2828
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2022-10-13T05:15:08.947 · Last modified 2026-06-17T04:42:39.553

Summary

In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability

Affected products

octopus — octopus_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when octopus ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.