{"id":"CVE-2024-48461","details":"Cross Site Scripting vulnerability in TeslaLogger Admin Panel before v.1.59.6 allows a remote attacker to execute arbitrary code via the New Journey field.","modified":"2026-04-09T10:25:51.783781Z","published":"2024-10-29T21:15:04.347Z","references":[{"type":"WEB","url":"https://github.com/bassmaster187/TeslaLogger/blob/65f5ff43c7cacf0391ddc21b90f77a2e8c8d860e/TeslaLogger/bin/changelog.md?plain=1#L4"},{"type":"WEB","url":"https://mohammedshine.github.io/CVE-2024-48461.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bassmaster187/TeslaLogger","events":[{"introduced":"0"},{"fixed":"7141d53abf07b2eb075fe2992c0694d8751c5c84"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"v.1.59.6"}]}}],"versions":["1.34.10","1.42.1.0","1.44.0","1.45.6","1.46.0","1.46.2","1.46.5","1.47.0","1.47.7","1.48.0","1.54.12","1.54.13","1.54.15","1.54.16","1.54.17","1.54.18","1.54.20","1.57.3","1.58.4.0","1.59.3","Rollback-to-1-57-9","V1.30.0","V1.34.2","V1.37.5.0","V1.39.0","V1.40.6","V1.48.10","V1.48.15","V1.48.3","V1.48.6","V1.48.8","V1.48.9","V1.49.0","V1.49.1","V1.49.2","V1.50.0","V1.51.0","V1.51.1","V1.51.10","V1.51.11","V1.51.6","V1.51.7","V1.52.2","V1.52.4","V1.52.7","V1.53.0","V1.53.1","V1.54.0","V1.54.1","V1.54.10","V1.54.19","V1.54.2","V1.54.21","V1.54.22","V1.54.23","V1.54.24","V1.54.25","V1.54.26","V1.54.3","V1.54.4","V1.54.5","V1.54.6","V1.54.7","V1.54.8","V1.54.9","V1.56.0","V1.56.1","V1.57.1","V1.57.10","V1.57.6","V1.57.8","V1.57.9","V1.58.0","V1.58.2","V1.58.3","V1.58.5","V1.58.6","V1.58.8","V1.58.9","V1.59.2","V1.59.5","Version1.57.14"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-48461.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}