Top10 publishers:
bobrov117 
geeknik79 
linkks75 
sp1d3rs68 
jobert64 
someonenobbd60 
jon_bottarini49 
netfuzzer48 
haxta4ok0048 
ryat47 

the unofficial HackerOne disclosure timeline.

X
GitLab disclosed a bug submitted by thypon 
Bypass for Domain-level redirects (Unvalidated Redirects and Forwar)
22 Jun 2022 timeline
Reddit disclosed a bug submitted by bisesh 
Able to approve admin approval and change effective status without adding payment details .
22 Jun 2022 timeline
Alohi disclosed a bug submitted by zeesozee 
Weak rate limit for SIGN.PLUS email verification
21 Jun 2022 timeline
Krisp disclosed a bug submitted by yassineaboukir 
Authentication CSRF resulting in unauthorized account access on Krisp app
20 Jun 2022 timeline
Krisp disclosed a bug submitted by life__001 
Add more seats by paying less via PUT /v2/seats request manipulation
20 Jun 2022 timeline
UPS VDP disclosed a bug submitted by 7odamo 
Admin Authentication Bypass Lead to Admin Account Takeover
20 Jun 2022 timeline
Enjin disclosed a bug submitted by whiteshadow201 
Authentication token and CSRF token bypass
19 Jun 2022 timeline
Nextcloud disclosed a bug submitted by michag86 
bypass forced password protection via circles app
19 Jun 2022 timeline
UPS VDP disclosed a bug submitted by nayefhamouda 
Broken access control
18 Jun 2022 timeline
IBM disclosed a bug submitted by exploitmsf 
sql injection via https://setup.p2p.ihost.com/
17 Jun 2022 timeline
Enjin disclosed a bug submitted by er_salil 
CSRF Bypassed on Logout Endpoint
17 Jun 2022 timeline
Enjin disclosed a bug submitted by akashhamal0x01 
Race condition via project team member invitation system.
17 Jun 2022 timeline
Yelp disclosed a bug submitted by happykira0x1 
xmlrpc file enabled
16 Jun 2022 timeline
curl disclosed a bug submitted by iylz 
curl "globbing" can lead to denial of service attacks
16 Jun 2022 timeline
Reddit disclosed a bug submitted by marvelmaniac 
CSRF (protection bypassed) to force a below 18 user into viewing an nsfw subreddit !
16 Jun 2022 timeline
TikTok disclosed a bug submitted by aidilarf_2000 
Stored XSS on TikTok Live Form
16 Jun 2022 timeline
LinkedIn disclosed a bug submitted by sachinrajput 
Rate limit Bypass on contact-us through IP Rotator (burp extension)(https://www.linkedin.com/help/linkedin/solve/contact)
15 Jun 2022 timeline
Twitter disclosed a bug submitted by saiful6601 
Delete direct message history without access the proper conversation_id
15 Jun 2022 timeline
Twitter disclosed a bug submitted by max2x 
Remote 0click exfiltration of Safari user's IP address
15 Jun 2022 timeline
1 2 3 ... 613
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM