CVE-2022-22834

An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.
Configurations

Configuration 1 (hide)

cpe:2.3:a:overit:geocall:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:47

Type Values Removed Values Added
References () https://labs.yarix.com/2022/03/overit-framework-xslt-injection-and-xxe-cve-2022-22834-cve-2022-22835/ - Exploit, Third Party Advisory () https://labs.yarix.com/2022/03/overit-framework-xslt-injection-and-xxe-cve-2022-22834-cve-2022-22835/ - Exploit, Third Party Advisory
References () https://labs.yarix.com/advisories/cve-2022-22834/ - Third Party Advisory () https://labs.yarix.com/advisories/cve-2022-22834/ - Third Party Advisory
References () https://overit.us/products/geocall/ - Product, Vendor Advisory () https://overit.us/products/geocall/ - Product, Vendor Advisory

18 Sep 2024, 19:15

Type Values Removed Values Added
References
  • () https://www.overit.ai/product/nextgen-fsm/ -

Information

Published : 2022-03-10 17:45

Updated : 2024-11-21 06:47


NVD link : CVE-2022-22834

Mitre link : CVE-2022-22834

CVE.ORG link : CVE-2022-22834


JSON object : View

Products Affected

overit

  • geocall
CWE
CWE-91

XML Injection (aka Blind XPath Injection)