DNS Cache Poisoning

Disclosed: 2014-01-09 14:36:41 By michael1026 To security
Unknown
Vulnerability Details
I noticed if I made a request to your website, intercepted the request, and added the header... X-Forwarded-Host: evil.com it would redirect me to evil.com. Well, after that, I tried going to hackerone.com and I was instantly redirected to evil.com. This is a result of DNS cache poisoning.
Actions
View on HackerOne
Report Stats
  • Report ID: 487
  • State: Closed
  • Substate: resolved
  • Upvotes: 34
Share this report