Vulnerability Details CVE-2019-5891
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
- https://web.archive.org/web/20200327142627/https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/
- https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/
- https://web.archive.org/web/20200327142627/https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/
- https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/