8ybhy85kld9zp9xf84x6.imgur.com Subdomain Takeover

Hello Gents, + While testing ** Imgur ** I found an unclaimed subdomain which is; “8ybhy85kld9zp9xf84x6.imgur.com”, and I was able to claim it! + But actually I didn't upload or host a simple file like `mr_baka.html`, because I need to upgrade the account to be able to use this custom domain! + Anyway, you can verify that I was able to claim this subdomain by visiting https://8ybhy85kld9zp9xf84x6.imgur.com and clicking [Manage domain settings here.](https://mrbaka.squarespace.com/config#/settings/domains), which should lead you to my account; https://mrbaka.squarespace.com" . ### Before claiming: + {F1675230} ### After: + {F1675231} ## Impact Subdomain Takeover may lead to below consequences: - Phishing / Spear Phishing - Malware distribution - XSS - Authentication bypass and more - Credential stealing