A vulnerability classified as critical has been found in novel-plus up to 4.3.0-RC1. This affects an unknown part of the file /sys/user/exit. The manipulation of the argument offset/limit/sort leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-24015. Access to the local network is required for this attack to succeed. There is no exploit available.