Subdomains not related to the organization being onboarded and scanned are added while scanning Cloudflare DNS #52
Replies: 3 comments
-
This is intended for the Cloudflare Nameserver module. Cloudflare allows granular permissions for API keys. We expect the folks who generate the API key to provide permissions to specific zones at the token level rather than handling it at the Mantis code level. This check would apply for Nameservers that don't allow granular permissions. @Prateek-Thakare @hiteshkumarthakur As the check is simple to add, I feel we should add this in case someone on-boards an overly permissive API token.
-
Hey @devplayer55221 @0xbharath Thanks
-
Added the code for checking if the nameserver record matches the scope defined in the target.
-
The Cloudflare.py script is not validating if the zones present in the nameserver are valid for the organization being scanned.
The zones in the nameserver might not contain the domain of the organization and they would still be added to the subdomains for that organization.
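The scope check discussed in this thread can be sketched as follows. This is an added example, not Mantis code or the change referenced above; `normalize`, `in_scope`, `filter_zones` and the sample data are hypothetical, and zones are assumed to be dicts with a `name` key.

```python
# Added example: keep only provider zones that belong to the onboarded organization.
# All names and sample values here are constructed for illustration.

def normalize(name: str) -> str:
    """Lower-case a DNS name and drop surrounding whitespace and the trailing root dot."""
    return name.strip().rstrip(".").lower()


def in_scope(zone: str, org_domains: set[str]) -> bool:
    """True if zone equals an onboarded domain or is a subdomain of one.

    Matching is done on label boundaries, so 'notexample.com' does not
    match 'example.com', and neither does 'example.com.other.test'.
    """
    zone = normalize(zone)
    if not zone:
        return False
    for domain in map(normalize, org_domains):
        if domain and (zone == domain or zone.endswith("." + domain)):
            return True
    return False


def filter_zones(zones: list[dict], org_domains: set[str]) -> tuple[list[str], list[str]]:
    """Split zones returned by the nameserver API into (accepted, rejected).

    Rejected zones should be logged and skipped, never stored as the
    organization's subdomains; they indicate an overly permissive token.
    """
    accepted, rejected = [], []
    for zone in zones:
        name = normalize(zone.get("name", ""))
        (accepted if in_scope(name, org_domains) else rejected).append(name)
    return accepted, rejected


# Constructed sample: scope defined for the target, and zones visible to the token.
ORG_DOMAINS = {"example.com", "Example.org."}
ZONES = [
    {"name": "example.com"},
    {"name": "dev.example.com."},
    {"name": "notexample.com"},
    {"name": "example.com.other.test"},
    {"name": "EXAMPLE.ORG"},
    {"name": "other-tenant.test"},
]

if __name__ == "__main__":
    ok, skipped = filter_zones(ZONES, ORG_DOMAINS)
    print("in scope:", ok)
    print("skipped :", skipped)
```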