CVE-2024-21550
CVSS V2 None
CVSS V3 None
Description
SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. Attackers can inject arbitrary HTML and Javascript code via WebSockets leading to persistent Cross-Site Scripting in the SteVe management interface.
Overview
- CVE ID
- CVE-2024-21550
- Assigner
- snyk
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-12T14:54:36.075Z
- Last Modified Date
- 2024-08-12T15:20:03.103Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-21550 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21550 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-08-13 13:18:45 | Added to TrackCVE |