← voltar
CVE-2022-22835

CVE-2022-22835

EPSS 14.5%
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://labs.yarix.com/2022/03/overit-framework-xslt-injection-and-xxe-cve-2022-22834-cve-2022-22835/https://labs.yarix.com/advisories/cve-2022-22835/https://overit.us/products/geocall/https://www.overit.ai/product/nextgen-fsm/