You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi. I'm a bug bounty hunter. While I check eslint bug, I just found that "v.eslint.cn" domain is vaulnerable for subdomain takeover attack. I thought this domain's owner is eslint and report this bug, but they said it's not their domain. So I report here.
Subdomain takeover vulnerabilities occur when a subdomain (subdomain.example.com) is pointing to a service (e.g. GitHub pages, Heroku, etc.) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that subdomain. For example, if subdomain.example.com was pointing to a GitHub page and the user decided to delete their GitHub page, an attacker can now create a GitHub page, add a CNAME file containing subdomain.example.com, and claim subdomain.example.com. (refer from https://github.com/EdOverflow/can-i-take-over-xyz)
I tried tracing and I think the reason of this bug is Fastly configuration.
Visit http://v.eslint.cn then you can check my PoC page. If you want to remove this vulnerability, change Fastyly configuration. This issue can be exploited in several ways, for example but not limited to: XSS, Phishing.
The text was updated successfully, but these errors were encountered:
Hi. I'm a bug bounty hunter. While I check eslint bug, I just found that "v.eslint.cn" domain is vaulnerable for subdomain takeover attack. I thought this domain's owner is eslint and report this bug, but they said it's not their domain. So I report here.
Subdomain takeover vulnerabilities occur when a subdomain (subdomain.example.com) is pointing to a service (e.g. GitHub pages, Heroku, etc.) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that subdomain. For example, if subdomain.example.com was pointing to a GitHub page and the user decided to delete their GitHub page, an attacker can now create a GitHub page, add a CNAME file containing subdomain.example.com, and claim subdomain.example.com. (refer from https://github.com/EdOverflow/can-i-take-over-xyz)
I tried tracing and I think the reason of this bug is Fastly configuration.
Visit http://v.eslint.cn then you can check my PoC page. If you want to remove this vulnerability, change Fastyly configuration. This issue can be exploited in several ways, for example but not limited to: XSS, Phishing.
The text was updated successfully, but these errors were encountered: