CVE-2023-45188 Information

Description

IBM Engineering Lifecycle Optimization Publishing 7.0.2 and 7.03 could allow a remote attacker to upload arbitrary files caused by the improper validation of file extensions. By sending a specially crafted request a remote attacker could exploit this vulnerability to upload a malicious file which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 268751.

Reference

https://www.ibm.com/support/pages/node/7156757 https://exchange.xforce.ibmcloud.com/vulnerabilities/268751