the unofficial HackerOne disclosure timeline.

X
b'Mail.Ru' disclosed a bug submitted by b'isaeva' 
b"filin.mail.ru user's e-mail address disclosure"
21 Feb 2018 timeline
b'VK.com' disclosed a bug submitted by b'povargek' 
b'???????? ?????????? ? ???????? email, ????? ???? ??? ???????????????? ??????-???????????'
20 Feb 2018 timeline
b'HackerOne' disclosed a bug submitted by b'bangrorox' 
b'Information Disclosure which violate program privacy'
20 Feb 2018 timeline
b'ownCloud' disclosed a bug submitted by b'hexlax' 
b'OS Command Injection via tainted PATH environment variable in findBinaryPath'
18 Feb 2018 timeline
b'Phabricator' disclosed a bug submitted by b'mishre' 
b'Window.opener fix bypass'
18 Feb 2018 timeline
b'Phabricator' disclosed a bug submitted by b'ranjit_p' 
b'Window.opener protection Bypass'
17 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[crud-file-server] Stored XSS in filenames when directory index is served by crud-file-server'
17 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[public] Path Traversal allows to read content of arbitrary files'
17 Feb 2018 timeline
b'Starbucks' disclosed a bug submitted by b'dpgribkov' 
b'Subdomain takeover on developer.openapi.starbucks.com'
17 Feb 2018 timeline
b'Twitter' disclosed a bug submitted by b'harisec' 
b'Blind XSS in Mobpub Marketplace Admin Production | Sentry via demand.mopub.com (User-Agent)'
17 Feb 2018 timeline
b'GitLab' disclosed a bug submitted by b'moritz30' 
b'Cookie bomb'
16 Feb 2018 timeline
b'WordPress' disclosed a bug submitted by b'shay12tg' 
b'MediaElements XSS'
15 Feb 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'billy_blaze' 
b'Securemail server used to internal spam and resource exhaustion'
15 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (defaults-deep)'
15 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (merge-deep)'
15 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (assign-deep)'
15 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (mixin-deep)'
15 Feb 2018 timeline
b'Showmax' disclosed a bug submitted by b'ehsahil' 
b'Changing details of other users profile using UUID (IDOR)'
15 Feb 2018 timeline
b'Coursera' disclosed a bug submitted by b'flex0geek' 
b'[www.coursera.org] Leaking password reset link on referrer header'
14 Feb 2018 timeline
b'Khan Academy' disclosed a bug submitted by b'na5ne3t' 
b'Frameset(Frame) html tag is allowed in html editor.(can lead to clickjacking)'
14 Feb 2018 timeline
1 ... 505 506 507 508 509 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM