In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerabilityReferenceshttps://advisories.octopus.com/post/2022/sa2022-19/
