Subdomain Takeover to Authentication bypass
Program: roblox
Bug Type: subdomain takeover
Bounty: Unspecified
Date: 2018-04-09
subdomain-takeover
authentication-bypass
cookie-stealing
Summary
The researcher discovered that the subdomain devrel.roblox.com pointed to an expired HubSpot instance. This allowed an attacker to claim the service and take control of the subdomain. By doing so, the attacker could serve content from a trusted Roblox subdomain, enabling attacks such as cookie theft or authentication bypass. The researcher demonstrated the impact by showing that the hijacked subdomain could access the Roblox authentication cookies cross-domain, which bypassed authentication.
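The impact described above depends on how session cookies are scoped. The following is an added example, not code from the report or from Roblox: a small audit of `Set-Cookie` headers using RFC 6265 domain matching to list which cookies a sibling subdomain such as devrel.roblox.com would receive. The setting host `www.roblox.com` and all cookie names and values are constructed assumptions.

```python
# Added example: audit which cookies a sibling subdomain would receive.
# Cookie names/values and the setting host are constructed, not from the report.

def parse_set_cookie(header):
    """Return (name, attrs); attrs maps lowercased attribute names to values."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return name, attrs

def domain_match(host, cookie_domain):
    """RFC 6265 section 5.1.3: identical, or host ends with '.' + cookie_domain."""
    host, cookie_domain = host.lower(), cookie_domain.lower()
    return host == cookie_domain or host.endswith("." + cookie_domain)

def sent_to(header, setting_host, request_host):
    """Would a browser attach this cookie to a request for request_host?"""
    name, attrs = parse_set_cookie(header)
    domain = attrs.get("domain", "").lstrip(".")
    if name.startswith("__Host-") and (domain or "secure" not in attrs):
        return False  # browsers reject a __Host- cookie with Domain or without Secure
    if not domain:
        # No Domain attribute: host-only cookie, exact host match required.
        return request_host.lower() == setting_host.lower()
    # Domain attribute set: every host under that domain receives the cookie.
    # HttpOnly and Secure do not narrow which hosts receive it.
    return domain_match(request_host, domain)

def exposed_cookies(headers, setting_host, other_host):
    """Names of cookies set by setting_host that are also sent to other_host."""
    return [parse_set_cookie(h)[0] for h in headers
            if sent_to(h, setting_host, other_host)]

# Constructed sample headers, as if set by www.roblox.com (assumed host).
SAMPLE = [
    "session_token=abc123; Domain=.roblox.com; Path=/; Secure; HttpOnly",
    "prefs=dark; Path=/",
    "__Host-sid=xyz789; Path=/; Secure; HttpOnly",
]

if __name__ == "__main__":
    for host in ("www.roblox.com", "devrel.roblox.com"):
        print(host, "receives", exposed_cookies(SAMPLE, "www.roblox.com", host))
```

Only the cookie scoped with `Domain=.roblox.com` reaches the sibling subdomain; host-only and `__Host-` cookies stay with the host that set them, which is the scoping to prefer for session cookies.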