CVE-2020-25825 – In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive

In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25825

Reference (s):

• https://github.com/OctopusDeploy/Issues/issues/6604
• https://github.com/OctopusDeploy/Issues/issues/6605
• https://github.com/OctopusDeploy/Issues/issues/6606
• https://github.com/OctopusDeploy/Issues/issues/6607