Davide Bassetto

#17479 of 53,638
15.3 Total CVSS
Vulnerabilities · 2 (Medium: 1, High: 1)

PT-2022-15702 · CVSS 8.8 · 2022-03-07
Overit · Overit Geocall · CVE-2022-22834

**Name of the Vulnerable Software and Affected Versions** OverIT Geocall versions prior to 8.0

**Description** An issue was discovered that allows an authenticated user with the Test Trasformazione XSL functionality enabled to exploit an XSLT injection vulnerability. This could allow attackers to achieve remote code execution.

**Recommendations** For versions prior to 8.0, update to version 8.0 or later to resolve the issue. As a temporary workaround, consider disabling the Test Trasformazione XSL functionality to minimize the risk of exploitation.

PT-2022-15703 · CVSS 6.5 · 2022-03-07
Overit · Overit Geocall · CVE-2022-22835

**Name of the Vulnerable Software and Affected Versions** OverIT Geocall versions prior to 8.0

**Description** An issue was discovered that allows an authenticated user with the Test Trasformazione XSL functionality enabled to exploit a vulnerability. This can lead to reading arbitrary files from the filesystem. Additionally, attackers could exploit this issue to achieve remote code execution.

**Recommendations** For versions prior to 8.0, update to version 8.0 or later to resolve the issue. As a temporary workaround, consider disabling the Test Trasformazione XSL functionality to minimize the risk of exploitation.