Vulnerability in Octopus Deploy Server
CVE-2026-8296
In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting Payload via artifacts.
Affected products
- Octopus Deploy Server — versions 2023.0.0, 2026.1.0, 2026.2.0