A vulnerability classified as critical has been found in novel-plus up to 4.3.0-RC1. This affects an unknown part of the file /common/dict/list. The manipulation of the argument offset/limit/sort leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-24017. Access to the local network is required for this attack to succeed. There is no exploit available.