Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions.Referenceshttps://advisories.octopus.com/post/2022/sa2022-03/
