Sensitive Cleartext Information Disclosure in Octopus before 3.17.7

CVE-2017-15609 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Octopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a variable JSON file in certain situations involving Offline Drop Targets.

Learn more about our Web Application Penetration Testing UK.