CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...

CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...

CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...

CVE-2024-30886

Issue summary: CVE-2024-30886 is a stored XSS in HadSky v7.6.3, specifically in the remotelink function where an attacker can inject a crafted payload into the url parameter to execute arbitrary web scripts/HTML. Affected component: HadSky, version 7.6.3, remotelink functionality. Root cause & im...

PT-2024-23658 · Hadsky · Hadsky

Name of the Vulnerable Software and Affected Versions: HadSky version 7.6.3 Description: A stored cross-site scripting XSS issue in the remotelink function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter. Recommendations: For HadSky...

OwnStar Attack Now Aimed at BMW, Chrysler, Mercedes Cars

The OwnStar attack that hacker Samy Kamkar revealed late last month can be used against not only GM vehicles, but cars manufactured by Mercedes-Benz, BMW, and Chrysler, as well. The attack allows Kamkar to intercept the traffic from nearby mobile phones that have specific apps open that control...

OwnStar Device Can Remotely Locate, Unlock, and Start GM Cars

Car hacking just jumped up a few levels. A security researcher has built a small device that can intercept the traffic from the OnStar RemoteLink mobile app and give him persistent access to a user’s vehicle to locate, unlock, and start it. The device is called OwnStar and it’s the creation of Sa...