8Şub
CVE-2024-24024 | novel-plus up to 4.3.0-RC1 com.java2nb.common.controller.FileController fileDownload filePath/fieName information disclosure
A vulnerability, which was classified as problematic, was found in novel-plus up to 4.3.0-RC1. Affected is the functionfileDownload
of the component com.java2nb.common.controller.FileController. The manipulation of the argument filePath/fieName leads to information disclosure.
This vulnerability is traded as CVE-2024-24024. The attack can only be initiated within the local network. There is no exploit available.