Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Zomato disclosed a bug submitted by 0xdexter 
Ability to manipulate price with a max threshold of `<1 Rupee` in support rider parameter
08 Aug 2020 timeline
Zomato disclosed a bug submitted by pandaaaa 
Availing Zomato gold by using a random third-party `wallet_id`
07 Aug 2020 timeline
BugPoC disclosed a bug submitted by acut3 
Improper use of "path" parameter can be used to trick testers into leaking their Front-End PoC
07 Aug 2020 timeline
Topcoder disclosed a bug submitted by mase289 
Blind stored XSS due to insecure contact form at https://www.topcoder.com leads to leakage of session token and other PII
07 Aug 2020 timeline
Bitwarden disclosed a bug submitted by njgadhiya 
Server-Side Request Forgery in "icons.bitwarden.net"
07 Aug 2020 timeline
GitLab disclosed a bug submitted by rhynorater 
Full Read SSRF on Gitlab's Internal Grafana
07 Aug 2020 timeline
Unikrn disclosed a bug submitted by l_user 
Lack of Input sanitization leads to database Character encoding configuration Disclosure
07 Aug 2020 timeline
Node.js third-party modules disclosed a bug submitted by vrechson 
[wappalyzer] ReDoS allows an attacker to completely break Wappalyzer
06 Aug 2020 timeline
Nextcloud disclosed a bug submitted by cwave 
Memory Leak in OCUtil.dll library in Desktop client can lead to DoS
06 Aug 2020 timeline
LINE disclosed a bug submitted by kazan71p 
Spring Actuator endpoints publicly available and broken authentication
06 Aug 2020 timeline
8x8 disclosed a bug submitted by wisp 
Send Phishing/Spam email from support@sameroom.io to any email address.
05 Aug 2020 timeline
Rockset disclosed a bug submitted by thatquasar 
S3 bucket data at http://rockset-support.s3-us-west-2.amazonaws.com/ reveals user addresses based on latitudes and longitudes.
05 Aug 2020 timeline
Nextcloud disclosed a bug submitted by l00ph0le 
Arbitrary code execution in desktop client via OpenSSL config
05 Aug 2020 timeline
Nextcloud disclosed a bug submitted by yzy9951 
XSS in image metadata field
05 Aug 2020 timeline
concrete5 disclosed a bug submitted by thiennv 
Time-base SQL Injection in Search Users
05 Aug 2020 timeline
GitLab disclosed a bug submitted by yvvdwf 
Stored XSS in blob viewer
04 Aug 2020 timeline
LINE disclosed a bug submitted by kazan71p 
Spring Actuator endpoints publicly available, leading to account takeover
04 Aug 2020 timeline
Twitter disclosed a bug submitted by ryotak 
Private list members disclosure via GraphQL
04 Aug 2020 timeline
GitLab disclosed a bug submitted by semsem123 
Unrestricted file upload leads to Stored XSS
03 Aug 2020 timeline
1 2 3 ... 454
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM