Top10 publishers:
bobrov107 
linkks60 
sp1d3rs54 
jobert45 
bl4de39 
bigbear_38 
guido38 Twitter
isox36 
geeknik35 
4lemon35 

the unofficial HackerOne disclosure timeline.

X
Cuvva disclosed a bug submitted by badcracker 
Unclaimed facebook page at www.cuvva.com/about
25 Jun 2019 timeline
Upserve disclosed a bug submitted by gamer7112 
DOM Based XSS via postMessage at https://inventory.upserve.com/login/
25 Jun 2019 timeline
Mail.ru disclosed a bug submitted by s_p_q_r 
[e.mail.ru] XSS ? ??????
25 Jun 2019 timeline
SEMrush disclosed a bug submitted by fransrosen 
Remote Code Execution on www.semrush.com/my_reports on Logo upload
24 Jun 2019 timeline
Node.js third-party modules disclosed a bug submitted by toannc123 
[serve-here.js] List any file in the folder by using path traversal.
24 Jun 2019 timeline
Tube8 disclosed a bug submitted by tony_tsep 
SSRF and local file disclosure by video upload on https://www.tube8.com/
24 Jun 2019 timeline
YouPorn disclosed a bug submitted by tony_tsep 
SSRF and local file disclosure by video upload on http://www.youporn.com/
24 Jun 2019 timeline
Twitter disclosed a bug submitted by seifelsallamy 
Verify any unused email address
24 Jun 2019 timeline
Razer US disclosed a bug submitted by lawway 
DLL Hijacking Vulnerability in synapse-2
23 Jun 2019 timeline
Khan Academy disclosed a bug submitted by dermeister 
Sensitive information/action is stored/done is done using a GET request
23 Jun 2019 timeline
Automattic disclosed a bug submitted by dermeister 
Broken Authentication - Security token gets captured via man in the middle attack
22 Jun 2019 timeline
Automattic disclosed a bug submitted by dermeister 
Captcha bypass for the most important function - At en.instagram-brand.com
22 Jun 2019 timeline
Automattic disclosed a bug submitted by dermeister 
Cross Domain leakage of sensitive information - Leading to Account Takeover at Instagram Brand
22 Jun 2019 timeline
Automattic disclosed a bug submitted by dermeister 
Authentication Bypass - Chaining two vulnerabilities leads to account takeover at en.instagram-brand.com
22 Jun 2019 timeline
Trint Ltd disclosed a bug submitted by dhakalananda 
IDOR in changing shared file name
22 Jun 2019 timeline
Slack disclosed a bug submitted by freem0 
Information leakage and default open port
22 Jun 2019 timeline
Rocket.Chat disclosed a bug submitted by theappsec 
Broken access control on apps
22 Jun 2019 timeline
Infogram disclosed a bug submitted by theappsec 
Stored XSS in infogram.com via language
22 Jun 2019 timeline
Khan Academy disclosed a bug submitted by rlaneth 
Cross-Site Request Forgery (CSRF) vulnerability on API endpoint allows account takeovers
22 Jun 2019 timeline
1 2 3 ... 345
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM