7Şub
CVE-2024-24019 | Novel-Plus up to 4.3.0-RC1 list offset/limit/sort sql injection
A vulnerability, which was classified as critical, has been found in Novel-Plus up to 4.3.0-RC1. Affected by this issue is some unknown functionality of the file /system/roleDataPerm/list. The manipulation of the argument offset/limit/sort leads to sql injection. This vulnerability is handled as CVE-2024-24019. The attack needs to be approached within the local network. There is no exploit available.