Take Advantage of Out-of-Scope Domains in Bug Bounty Programs

Cross Site Scripting (XSS)

In brief, you may be able to escalate your attacks by using API’s, javacript workarounds, a misconfiguration on a domain that isn’t under the program scope.