CVE-2022-22835: OverIT Geocall v. < 8.0 – XXE

Severity: Low

OverIT Geocall v. <8.0, an authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem. The vulnerability is triggered by sending specific xsl tag inside the xml field.