New Relic: Potential Subdomain Takeover - http://storefront.newrelic.com/

2016-02-13T13:52:01
ID H1:116243
Type hackerone
Reporter charliehacks
Modified 2016-06-19T23:30:21

Description

Hi,

The subdomain "storefront.newrelic.com" is currently pointing to Fastly, but is not registered to a service. Depending on whether Fastly permits it, a subdomain takeover similar to that of https://hackerone.com/reports/32825 could be possible.

If the subdomain is not needed, it's recommended that the record is pulled, or it's tied to a Fastly service.

Cheers