Uber: Subdomain takeover of translate.uber.com, de.uber.com and fr.uber.com

ID H1:149679
Type hackerone
Reporter rojansec
Modified 2016-07-25T23:33:07


Limited disclosure at @rojanr's request Subdomains including translate.uber.com, fr.uber.com and de.uber.com were pointing to a CNAME for a site that was not claimed. I was able to claim the site and add any content. For PoC purposes, I showcased my blog on translate.uber.com and de.uber.com.