Subdomain takeover in GitLab Pages [george.ratelimited.me]

Disclosed: 2024-08-11 18:04:13 By fdeleite To ratelimited
High
Vulnerability Details
It's possible to take over subdomains that point to GitLab Pages. While adding a subdomain, no verification of domain ownership is required.

## POC Steps

1. Go to http://george.ratelimited.me/ (tested in Firefox) {F3307364}

## Impact

Attackers could perform several attacks, such as:

- Cookie stealing
- Phishing campaigns
- Bypassing Content Security Policies and CORS
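The condition behind this report is a dangling CNAME: a hostname under a domain you control still points at a GitLab Pages host, but no Pages project claims that hostname, so whoever adds it to their own project serves content under your name. The script below is an added example written for this page, not the reporter's code or anything from GitLab; it classifies hostnames from an inventory as takeover candidates (CNAME chain ends in `*.gitlab.io` and the site answers with the unclaimed 404 page) and also shows the ownership check a Pages instance performs when verification is enabled, a TXT record at `_gitlab-pages-verification-code.<host>` carrying `gitlab-pages-verification-code=<code>`. The DNS records, HTTP bodies and verification code are constructed fixtures, and the 404 body marker is an assumption about the Pages error page wording; DNS and HTTP are injected so it runs offline, and a live audit would plug in real lookups (for example dnspython and requests).

```python
"""Dangling-CNAME / GitLab Pages takeover check (added example, offline fixtures)."""
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

PAGES_SUFFIX = ".gitlab.io"
# Assumption: wording of the unclaimed-domain 404 served by GitLab Pages.
UNCLAIMED_MARKER = "the page you're looking for could not be found"
# Domain-verification TXT record as documented by GitLab (checked by Pages when
# verification is enabled; the report concerns an instance where it was not).
VERIFICATION_LABEL = "_gitlab-pages-verification-code"
VERIFICATION_PREFIX = "gitlab-pages-verification-code="

Resolver = Callable[[str, str], Optional[str]]  # (name, rrtype) -> rdata or None
Fetcher = Callable[[str], Tuple[int, str]]      # host -> (status, body)


def _norm(name: str) -> str:
    """Canonical DNS name: lowercase, no trailing dot."""
    return name.rstrip(".").lower()


@dataclass
class Finding:
    host: str
    cname_target: Optional[str]
    status: Optional[int]
    verdict: str  # takeover-candidate | claimed | not-gitlab-pages | no-cname


def resolve_cname_chain(host: str, resolver: Resolver, max_hops: int = 8) -> Optional[str]:
    """Follow CNAMEs to the final target; bounded and loop-safe."""
    cur, seen, last = _norm(host), set(), None
    for _ in range(max_hops):
        nxt = resolver(cur, "CNAME")
        if nxt is None:
            break
        nxt = _norm(nxt)
        if nxt in seen:  # CNAME loop: stop rather than spin
            break
        seen.add(nxt)
        last = cur = nxt
    return last


def assess_takeover(host: str, resolver: Resolver, fetcher: Fetcher) -> Finding:
    """Flag a host whose CNAME ends at GitLab Pages but which no project claims."""
    h = _norm(host)
    target = resolve_cname_chain(h, resolver)
    if target is None:
        return Finding(h, None, None, "no-cname")
    if not target.endswith(PAGES_SUFFIX):
        return Finding(h, target, None, "not-gitlab-pages")
    status, body = fetcher(h)
    if status == 404 and UNCLAIMED_MARKER in body.lower():
        return Finding(h, target, status, "takeover-candidate")
    return Finding(h, target, status, "claimed")


def ownership_verified(host: str, resolver: Resolver, expected_code: str) -> bool:
    """The check a Pages instance with verification enabled performs before
    accepting a custom domain: TXT at _gitlab-pages-verification-code.<host>."""
    txt = resolver(f"{VERIFICATION_LABEL}.{_norm(host)}", "TXT")
    return txt is not None and txt.strip().strip('"') == VERIFICATION_PREFIX + expected_code


# Constructed fixtures standing in for live DNS and HTTP.
DNS = {
    ("george.ratelimited.me", "CNAME"): "ratelimited.gitlab.io.",   # dangling (constructed)
    ("docs.example.com", "CNAME"): "example.gitlab.io.",            # claimed (constructed)
    ("_gitlab-pages-verification-code.docs.example.com", "TXT"):
        '"gitlab-pages-verification-code=00112233445566778899aabbccddeeff"',
    ("www.example.com", "CNAME"): "example.github.io.",             # other provider
}
HTTP = {
    "george.ratelimited.me": (404, "<h1>404</h1><p>The page you're looking for could not be found.</p>"),
    "docs.example.com": (200, "<html>Project docs</html>"),
}


def fixture_resolver(name: str, rrtype: str) -> Optional[str]:
    return DNS.get((name, rrtype))


def fixture_fetcher(host: str) -> Tuple[int, str]:
    return HTTP.get(host, (0, ""))


if __name__ == "__main__":
    for h in ("george.ratelimited.me", "docs.example.com", "www.example.com", "static.example.com"):
        print(assess_takeover(h, fixture_resolver, fixture_fetcher))
    print("docs.example.com verified:",
          ownership_verified("docs.example.com", fixture_resolver, "00112233445566778899aabbccddeeff"))
```

Run it periodically over every CNAME in your zones, not once: the dangling state appears the day a Pages project is deleted or its custom domain removed, and the remediation is to delete the CNAME (or point it at a project you still own) and to keep domain verification enabled on the Pages instance.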
Report Stats
  • Report ID: 2523677
  • State: Closed
  • Substate: resolved
  • Upvotes: 57