In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link.Read More