CVE-2024-48461

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-48461

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-48461.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-48461

Published

2024-10-29T21:15:04.347Z

Modified

2025-11-16T04:28:40.638852Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Cross Site Scripting vulnerability in TeslaLogger Admin Panel before v.1.59.6 allows a remote attacker to execute arbitrary code via the New Journey field.

References

Affected packages

Git / github.com/bassmaster187/teslalogger

Affected ranges

Type: GIT
Repo: https://github.com/bassmaster187/teslalogger
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7141d53abf07b2eb075fe2992c0694d8751c5c84

Affected versions

1.*

1.34.10

1.42.1.0

1.44.0

1.45.6

1.46.0

1.46.2

1.46.5

1.47.0

1.47.7

1.48.0

1.54.12

1.54.13

1.54.15

1.54.16

1.54.17

1.54.18

1.54.20

1.57.3

1.57.4

1.58.4.0

1.59.3

Other

Rollback-to-1-57-9

V1.*

V1.30.0

V1.31.1

V1.34.2

V1.34.7

V1.37.5.0

V1.39.0

V1.40.6

V1.48.10

V1.48.15

V1.48.3

V1.48.6

V1.48.8

V1.48.9

V1.49.0

V1.49.1

V1.49.2

V1.49.3

V1.50.0

V1.51.0

V1.51.1

V1.51.10

V1.51.11

V1.51.6

V1.51.7

V1.51.9

V1.52.2

V1.52.4

V1.52.7

V1.53.0

V1.53.1

V1.54.0

V1.54.1

V1.54.10

V1.54.19

V1.54.2

V1.54.21

V1.54.22

V1.54.23

V1.54.24

V1.54.25

V1.54.26

V1.54.3

V1.54.4

V1.54.5

V1.54.6

V1.54.7

V1.54.8

V1.54.9

V1.56.0

V1.56.1

V1.57.0

V1.57.1

V1.57.10

V1.57.6

V1.57.8

V1.57.9

V1.58.0

V1.58.2

V1.58.3

V1.58.5

V1.58.6

V1.58.8

V1.58.9

V1.59.2

V1.59.5

Version1.*

Version1.57.14

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-48461.json"