It was identified that in certain versions of Octopus Server, that a user created with no permissions could view all users, user roles and permissions. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Privilege Escalation
Octopus Server
NVD
CVSS 3.1
3.5
EPSS
0.3%
A vulnerability was found in Apryse WebViewer up to 10.8.0. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
NVD
VulDB
CVSS 3.1
3.5
EPSS
0.5%