Posts

Showing posts from October, 2023
WEB APP VULNERABILITY-2

Vulnerabilities:

1. Subdomain Takeover
2. Host Header Injection
3. Content Spoofing
4. EXIF Geolocation Data Not Stripped From Uploaded Images
5. Open Redirect Vulnerability
6. Open Directory

1. Subdomain Takeover:

Subdomain takeover is a critical web security vulnerability that occurs when an attacker gains control over a subdomain of a website. This vulnerability usually arises when an organization points a subdomain to an external resource, such as a cloud service or a third-party platform, but later ceases to control that resource. Yet, the DNS records for the subdomain remain active. Exploiting this situation, an attacker can register the external resource and effectively hijack the subdomain. This malicious act can lead to a range of threats, including redirecting traffic to malicious sites, launching phishing campaigns, or injecting malicious content into the legitimate website.

Mitigation:

To mitigate the risk of sub...