the unofficial HackerOne disclosure timeline.

X
b'Pornhub' disclosed a bug submitted by b'sp1d3rs' 
b'Stored XSS (client-side, using cookie poisoning) on the pornhubpremium.com'
27 Mar 2018 timeline
b'HackerOne' disclosed a bug submitted by b'0x0g' 
b'h1-202 leaderboard photo discloses local wifi password '
25 Mar 2018 timeline
b'WePay' disclosed a bug submitted by b'sp1d3rs' 
b'Reflected XSS in the IE 11 / Edge (latest versions) on the stage-go.wepay.com'
24 Mar 2018 timeline
b'Ruby on Rails' disclosed a bug submitted by b'kaarloh' 
b"XSS vulnerability in sanitize-method when parsing link's href"
22 Mar 2018 timeline
b'RubyGems' disclosed a bug submitted by b'nmalkin' 
b'Installer can modify other gems if gem name is specially crafted'
22 Mar 2018 timeline
b'Twitter' disclosed a bug submitted by b'vijay_kumar1110' 
b'Urgent : Unauthorised Access to Media content of all Direct messages and protected tweets(Indirect object reference)'
21 Mar 2018 timeline
b'Coinbase' disclosed a bug submitted by b'vicompany' 
b'Ethereum account balance manipulation'
21 Mar 2018 timeline
b'SEMrush' disclosed a bug submitted by b'asad90' 
b' CORS (Cross-Origin Resource Sharing)'
20 Mar 2018 timeline
b'MyCrypto' disclosed a bug submitted by b'bigshaq' 
b'DOM Based XSS in mycrypto.com'
18 Mar 2018 timeline
b'Monero' disclosed a bug submitted by b'c4c1234757b4f1e468a29d480d78f2' 
b'Monero GUI not linked with /DYNAMICBASE or hardening on windows, no ASLR'
18 Mar 2018 timeline
b'Cloudflare' disclosed a bug submitted by b'veggie' 
b'// (double slash) inside es6 template literals interpreted as an inline comment by the auto-minifier'
17 Mar 2018 timeline
b'Discourse' disclosed a bug submitted by b'mishre' 
b'Gaining access to private topics using quoting feature'
17 Mar 2018 timeline
b'Monero' disclosed a bug submitted by b'monero-hax123' 
b'Corrupt RPC responses from remote daemon nodes can lead to transaction tracing'
16 Mar 2018 timeline
b'MyCrypto' disclosed a bug submitted by b'w2w' 
b'Html injection mycrypto.com'
16 Mar 2018 timeline
b'HackerOne' disclosed a bug submitted by b'e333jsjs7se' 
b'Leakage badges on disabled user'
15 Mar 2018 timeline
b'Legal Robot' disclosed a bug submitted by b'code' 
b'https://www.legalrobot.com/'
14 Mar 2018 timeline
b'HackerOne' disclosed a bug submitted by b'kapytein' 
b'HTTP Parameter Pollution using semicolons in iframe element at hackerone.com/careers allows loading external Greenhouse forms'
13 Mar 2018 timeline
b'Upserve ' disclosed a bug submitted by b'nitesculucian' 
b'Information disclosure through search engines (password reset token)'
13 Mar 2018 timeline
b'SEMrush' disclosed a bug submitted by b'h3r0es' 
b'SSLv3 Poodle Attack on Ip Of semrush'
13 Mar 2018 timeline
b'SEMrush' disclosed a bug submitted by b'walterhwhite' 
b'Broken Authentication: A project addition request can be used multiple time for different users'
13 Mar 2018 timeline
1 ... 500 501 502 503 504 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM