Top10 publishers:
bobrov114 
linkks73 
geeknik70 
sp1d3rs62 
jobert51 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
Nextcloud disclosed a bug submitted by foobar7 
Persistent XSS on favorite via filename
12 Dec 2019 timeline
Nextcloud disclosed a bug submitted by foobar7 
Server-Side request forgery in New-Subscription feature of the calendar app
12 Dec 2019 timeline
Avito disclosed a bug submitted by hussain_0x3c 
CSS injection in avito.ru via IE11
12 Dec 2019 timeline
OLX disclosed a bug submitted by kishoretrommer 
Bypass Rejected ads so user can view it as normal live ad.
11 Dec 2019 timeline
Shopify disclosed a bug submitted by vulnh0lic 
Shopify Stocky App OAuth Misconfiguration
11 Dec 2019 timeline
GitLab disclosed a bug submitted by ajxchapman 
Importing GitLab project archives can replace uploads of other users
11 Dec 2019 timeline
VK.com disclosed a bug submitted by qwe 
????-?????????? ? ????????? ??????
10 Dec 2019 timeline
WordPress disclosed a bug submitted by md15ev 
Stored XSS on Wordpress 5.3 via Title Post
10 Dec 2019 timeline
Shopify disclosed a bug submitted by chj2934 
XSS on product comments in transfers
09 Dec 2019 timeline
PUBG disclosed a bug submitted by sr007 
I found Reflected XSS(Cross site scripting) on your subdomain lite.pubg.com
09 Dec 2019 timeline
PUBG disclosed a bug submitted by 0xfabiof 
Reflected XSS in pubg.com
09 Dec 2019 timeline
OWOX, Inc. disclosed a bug submitted by obito_ms 
The URL in "Choose a data source'' at "https://bi.owox.com/ui/settings/connected-services/setup/" is not filtered => reflected XSS.
09 Dec 2019 timeline
OWOX, Inc. disclosed a bug submitted by obito_ms 
Reflected XSS
09 Dec 2019 timeline
Unikrn disclosed a bug submitted by albatraoz 
Staging Rabbitmq instance is exposed to the internet with default credentials
09 Dec 2019 timeline
Omise disclosed a bug submitted by d3tonator 
Failure to Invalid Session after Password Change
08 Dec 2019 timeline
Twitter disclosed a bug submitted by c00lbugs 
XSS on https://app.mopub.com/reports/custom/add/ [new-d1]
07 Dec 2019 timeline
Nextcloud disclosed a bug submitted by cwave 
CSRF vulnerability that allows an attacker to modify encryption settings
07 Dec 2019 timeline
Polymail, Inc. disclosed a bug submitted by kunal94 
XSPA on API service endpoint
07 Dec 2019 timeline
HackerOne disclosed a bug submitted by japz 
Information Disclosure when /invitations/<token>.json is not yet accepted
06 Dec 2019 timeline
1 2 3 ... 391
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM