CVE-2022-22834: OverIT Geocall v. < 8.0 – XSLT Injection

Severity: Medium

In OverIT Geocall versions < 8.0, an authenticated user who has the Test Trasformazione XSL functionality enabled can exploit an XSLT injection vulnerability. The vulnerability is triggered by sending specific xsl tags inside the xml field.

Attackers could exploit this issue to achieve remote code execution (RCE).
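
A server-side check that a defender could run on the value submitted in the xml field before it reaches the transformation engine, shown here as an added example that is not OverIT's code or part of the advisory. It assumes the field is meant to carry plain data XML; the function name `inspect_xml_field`, the namespace allow-list and the sample inputs are hypothetical.

```python
import xml.parsers.expat

XSLT_NS = "http://www.w3.org/1999/XSL/Transform"


class _Stop(Exception):
    """Raised inside a handler to abandon parsing early."""


def inspect_xml_field(xml_text, allowed_namespaces=frozenset()):
    """Return findings for a value submitted in the xml field (empty list = clean)."""
    findings = []
    # A space cannot occur in a URI or an XML name, so it separates "uri local".
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # Assumption: data documents need no DTD, so stop as soon as one appears.
        findings.append("DOCTYPE declaration")
        raise _Stop

    def on_namespace(prefix, uri):
        if uri == XSLT_NS:
            findings.append(f"XSLT namespace bound to prefix {prefix!r}")
        elif uri not in allowed_namespaces:
            findings.append(f"namespace not on allow-list: {uri}")

    def on_element(name, attrs):
        uri, _, local = name.rpartition(" ")
        if uri == XSLT_NS:
            findings.append(f"XSLT element: {local}")

    def on_pi(target, data):
        if target == "xml-stylesheet":
            findings.append("xml-stylesheet processing instruction")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartNamespaceDeclHandler = on_namespace
    parser.StartElementHandler = on_element
    parser.ProcessingInstructionHandler = on_pi
    try:
        parser.Parse(xml_text, True)
    except _Stop:
        pass
    except xml.parsers.expat.ExpatError as exc:
        findings.append(f"not well-formed: {exc}")
    return findings


# Constructed sample inputs (not taken from the advisory).
CLEAN = "<order><id>42</id></order>"
WITH_XSL = ('<order xmlns:xsl="http://www.w3.org/1999/XSL/Transform">'
            '<xsl:value-of select="1"/></order>')
```

A non-empty result is a reason to reject the request and log it; the check complements, and does not replace, upgrading to a fixed version and restricting who has the test functionality enabled.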