Vulnerabilities > Steve Community > Steve > 3.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-21550 | Cross-site Scripting vulnerability in Steve-Community Steve SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. | 6.1 |
| 2024-02-13 | CVE-2024-25407 | Insufficient Entropy vulnerability in Steve-Community Steve 3.6.0 SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction request. | 7.5 |