in hackerone according to the documentation https://docs.hackerone.com/en/articles/8490190-domain-verification only an organization admin could add verified domain .but there is an bypass.
steps to reproduce:
- create an sandbox
2.remove org admin permission(you must add program admin permission before removing org admin)
- go to the url
https://hackerone.com/<program you are admin of>/domain_ownerships/new
4.from there you will be able to add verified domain in the org
Impact
access of restricted feature
privilage escalation