Subdomain Takeover
The application was found to be vulnerable to subdomain takeover.
- domain
- subdomain
- takeover
A subdomain takeover attack is dangerous attack vector where the attacker is able to trick a 3rd-party system to host content under a domain do not control (the target domain).
Impact
This attack allows to host malicious content on trusted domains. This could lead to various issues including Stored Cross-site Scripting and targeted phishing.
Solution
Ensure that any subdomains are correctly assigned to applications you control.
References
Was this page helpful?