Top10 publishers:
bobrov117 
geeknik79 
linkks75 
sp1d3rs68 
jobert67 
someonenobbd60 
jon_bottarini49 
haxta4ok0048 
netfuzzer48 
ryat47 

the unofficial HackerOne disclosure timeline.

X
Shopify disclosed a bug submitted by ashketchum 
Stored XSS in /admin/product and /admin/collections
01 Dec 2022 timeline
Shopify disclosed a bug submitted by attackerbhai 
Disconnecting an external login provider does not revoke session
01 Dec 2022 timeline
Shopify disclosed a bug submitted by bored-engineer 
Read/Write arbitrary (non-HttpOnly) cookies on checkout pages via GoogleAnalyticsAdditionalScripts postMessage handler
01 Dec 2022 timeline
Shopify disclosed a bug submitted by m7mdharoun 
Subdomain Takeover at course.oberlo.com
01 Dec 2022 timeline
MTN Group disclosed a bug submitted by wallotry 
Remove Every User, Admin, And Owner Out Of Their Teams on developers.mtn.com via IDOR + Information Disclosure
01 Dec 2022 timeline
MTN Group disclosed a bug submitted by coyemerald 
Unprotected Direct Object Reference
01 Dec 2022 timeline
MTN Group disclosed a bug submitted by shuvam321 
Firebase Database Takeover in https://pulseradio.mtn.co.ug/
01 Dec 2022 timeline
Nextcloud disclosed a bug submitted by errorx404 
Calendar name length not validated before writing to database
01 Dec 2022 timeline
Internet Bug Bounty disclosed a bug submitted by bugra 
CVE-2022-45402: Apache Airflow: Open redirect during login
01 Dec 2022 timeline
Ian Dunn disclosed a bug submitted by ryotak 
Double evaluation in .bash_prompt of dotfiles allows a malicious repository to execute arbitrary commands
01 Dec 2022 timeline
LinkedIn disclosed a bug submitted by sachin_kumar_ 
Campaign Account Balance and History Disclosed in API Response
30 Nov 2022 timeline
Yelp disclosed a bug submitted by shubhangirathore836 
If the website does not impose additional defense against CSRF attacks, failing to use the 'Lax' or 'Strict' values could increase the risk of exposur
30 Nov 2022 timeline
TikTok disclosed a bug submitted by aidilarf_2000 
Stored XSS Payload when sending videos
29 Nov 2022 timeline
HackerOne disclosed a bug submitted by jobert 
Any organization's assets pending review can be downloaded
29 Nov 2022 timeline
Shopify disclosed a bug submitted by kun_19 
Stored XSS in Dovetale by application of creator
29 Nov 2022 timeline
AMBER AI disclosed a bug submitted by orange_h 
I found some api keys in js files ,huge leak of token addresses and huge amount of js files are not forbidden
29 Nov 2022 timeline
Internet Bug Bounty disclosed a bug submitted by benjaoming_realone 
potential denial of service attack via the locale parameter
28 Nov 2022 timeline
MTN Group disclosed a bug submitted by shubham_srt 
Wordpress users Disclosure [ /wp-json/wp/v2/users/ ]
27 Nov 2022 timeline
Nextcloud disclosed a bug submitted by kichernde_erbse 
Exception logging in Sharepoint app reveals clear-text connection details
26 Nov 2022 timeline
1 2 3 ... 637
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM