An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.Referenceshttps://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/https://web.archive.org/web/20200327142627/https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/
