Addactis · Addactis IBNRS · CVE-2024-29375
**Name of the Vulnerable Software and Affected Versions**
Addactis IBNRS version 3.10.3.107
**Description**
The issue allows a remote attacker to execute arbitrary code via a crafted .ibnrs file that targets the `Project Description`, `Identifiers`, `Custom Triangle Name` (inside `Input Triangles`), and `Yield Curve Name` parameters.
**Recommendations**
For Addactis IBNRS version 3.10.3.107, consider restricting access to the parameters `Project Description`, `Identifiers`, `Custom Triangle Name`, and `Yield Curve Name` to minimize the risk of exploitation. Until the issue is resolved, avoid opening .ibnrs files that may have been crafted, such as files from untrusted sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.