CVE-2024-24026

Name of the Vulnerable Software and Affected Versions Novel-Plus versions 4.3.0-RC1 and prior

Description An arbitrary File upload vulnerability exists in the uploadImg() function of SysUserController at com.java2nb.system.controller.SysUserController. This allows an attacker to pass in a specially crafted filename parameter to perform arbitrary File download.

Recommendations For Novel-Plus versions 4.3.0-RC1 and prior, as a temporary workaround, consider disabling the uploadImg() function until a patch is available. Restrict access to the SysUserController to minimize the risk of exploitation. Avoid using the filename parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.