In affected versions of Octopus Server, permissions were not checked correctly, resulting in any authenticated user being able to make server-level changes using a certain API endpoint despite receiving an error.

Credits
This vulnerability was found by MononcleMich.

References
https://advisories.octopus.com/post/2026/sa2026-04