Sub-Domain Takeover
Unknown
Vulnerability Details
Hey !
Your subdomain web.mopub.com is pointing to DYN but you have not claimed it on DYN end.
So what happens here is actually that, since web.mopub.com is pointing to DYN, DYNis actually checking if there's a host with that name. Which in this case was not true. So I was able to claim the domain for my own host, and thus, can place content on this URL.
You should immediately remove the DNS-entry for web.mopub.com pointing to DYN
The issue is bit on same concept of #32825
Actions
View on HackerOneReport Stats
- Report ID: 119220
- State: Closed
- Substate: resolved
- Upvotes: 4