Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2025-0513

In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message.

Published: Feb 11, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-0513
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
octopus / octopus_server	2024.3.164	2024.3.12985
octopus / octopus_server	2024.4.401	2024.4.6962

https://advisories.octopus.com/post/2024/sa2025-04/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo