Subdomain Takeover

The application was found to be vulnerable to subdomain takeover.

  • domain
  • subdomain
  • takeover

A subdomain takeover attack is dangerous attack vector where the attacker is able to trick a 3rd-party system to host content under a domain do not control (the target domain).

Impact

This attack allows to host malicious content on trusted domains. This could lead to various issues including Stored Cross-site Scripting and targeted phishing.

Solution

Ensure that any subdomains are correctly assigned to applications you control.

References

Was this page helpful?