Vulnerability Details CVE-2022-22834
An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.051
EPSS Ranking 89.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.0
References
- https://labs.yarix.com/2022/03/overit-framework-xslt-injection-and-xxe-cve-2022-22834-cve-2022-22835/
- https://labs.yarix.com/advisories/cve-2022-22834/
- https://overit.us/products/geocall/
- https://www.overit.ai/product/nextgen-fsm/
- https://labs.yarix.com/2022/03/overit-framework-xslt-injection-and-xxe-cve-2022-22834-cve-2022-22835/
- https://labs.yarix.com/advisories/cve-2022-22834/
- https://overit.us/products/geocall/