Loading HuntDB...

GHSA-qxr8-rhv2-7p85

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE

Advisory Details

Cross-site scripting (XSS) vulnerability in the All Variables tab in Octopus Deploy 3.4.0-3.13.6 (fixed in 3.13.7) allows remote attackers to inject arbitrary web script or HTML via the Variable Set Name parameter.

Related CVEs

Key Information

GHSA ID
GHSA-qxr8-rhv2-7p85
Published
May 17, 2022 12:19 AM
Last Modified
May 17, 2022 12:19 AM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: August 31, 2025 6:33 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.