{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T15:01:01.727","vulnerabilities":[{"cve":{"id":"CVE-2024-45061","sourceIdentifier":"talos-cna@cisco.com","published":"2025-01-15T15:15:11.730","lastModified":"2025-08-22T16:25:15.987","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (xss) vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker."},{"lang":"es","value":"Existe una vulnerabilidad de cross-site scripting (XSS) en la función de edición de mapas meteorológicos de Observium CE 24.4.13528. Una solicitud HTTP manipulada especialmente puede provocar la ejecución de un código JavaScript arbitrario. Un usuario autenticado tendría que hacer clic en un enlace malicioso proporcionado por el atacante."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:observium:observium:24.4.13528:*:*:*:community:*:*:*","matchCriteriaId":"95117B86-A048-44B0-A349-F891B304A09E"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-2092","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2092","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}