Program : Souq
Vulnerability : Subdomain Takeover
Impact : High
jobs.souq.com was vulnerable to subdomain takeover via
When I visit jobs.souq.com it was shown me an error ( finger print )
So I started to see the cname
Jobs.souq.comwas has a cname
So I go directly to the service provider and they was allowed me to take the cname
jobs.souq.com not allowed me to connect it directly seems there was a Bug !
After 1 day I notice that subdomain has been connected to the cname in some paths example :
Funny thing there are someone apply to fake Security Job ! 😀
Time line 2019-02-04: Bug reported 2019-01-05: Fixed with no comments 2019-01-06: Closed as Informative !