PT-2024-20237 · Unknown · Novel-Plus
Name of the Vulnerable Software and Affected Versions: Novel-Plus versions prior to 4.3.0-RC1 Description: A SQL injection issue exists, allowing an attacker to perform SQL injection by passing crafted offset, limit, and sort parameters via the "/system/roleDataPerm/list" API endpoint...