CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name (inside Input Triangles) and Yield Curve Name parameters.
This Cyber News was published on www.tenable.com. Publication date: Thu, 04 Apr 2024 22:41:04 +0000