Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Requested : Salesforce Desk (desk.com) #9

Closed
xsuperbug opened this issue Mar 26, 2018 · 5 comments
Closed

Requested : Salesforce Desk (desk.com) #9

xsuperbug opened this issue Mar 26, 2018 · 5 comments
Labels
not vulnerable Someone has made it very clear that this service is not vulnerable to subdomain takeovers.

Comments

@xsuperbug
Copy link

It seems subdomains can be taken over, I think. Can you check it?
@xsuperbug
Copy link
Author

Sorry, I have to censor it. A screenshot is as follows :
http://oi67.tinypic.com/27x48bp.jpg

@haccer haccer mentioned this issue Mar 28, 2018
Merged
@EdOverflow
Copy link
Owner

Resolved in #10; thank you.

@EdOverflow EdOverflow added the vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service. label Sep 9, 2018
@EdOverflow EdOverflow reopened this Sep 9, 2018
@codingo codingo mentioned this issue Oct 14, 2018
Merged
@codingo
Copy link
Collaborator

codingo commented Oct 14, 2018

Hi @abiralS @xsuperbug, this state has now been changed as per #50

@codingo codingo closed this as completed Oct 14, 2018
@codingo codingo added not vulnerable Someone has made it very clear that this service is not vulnerable to subdomain takeovers. and removed vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service. labels Oct 14, 2018
@ronykris ronykris mentioned this issue Jul 25, 2020
Closed
@charlie-1337
Copy link

i think it vulnerable --> https://hackerone.com/reports/201796

@pdelteil
Copy link
Contributor

i think it vulnerable --> https://hackerone.com/reports/201796

Hello,

That report is 6 years old. That's not enough to still consider it as valid/vulnerable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
not vulnerable Someone has made it very clear that this service is not vulnerable to subdomain takeovers.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@codingo @xsuperbug @EdOverflow @pdelteil @charlie-1337 and others