CVE-2022-2828 Information

Description

In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability

Reference

https://advisories.octopus.com/post/2022/sa2022-19/