WEB-1365

Sub Domain Takeover

Vulnerable Subdomain : http://launcher-beta.mojang.com

CNAME : s3.amazonaws.com

Service Provider : Mojang (Which is takeoverable )

Steps to Reproduce :

1) Visit the http://launcher-beta.mojang.com of which bucket is under my control .

POC :

1) Video recording and Screenshots attached.

Status:Fixed

Reporter:pratik jagtap

Assignee:[Mojang] Web Team

Created:2019-07-23, 07:50 PM

Updated:2020-05-28, 10:09 AM

Resolved:2020-05-28, 10:09 AM

Votes:1

Watchers:0

Labels: