the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (Hoek)'
13 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (lodash)'
13 Feb 2018 timeline
b'Urban Dictionary' disclosed a bug submitted by b'tyagiji' 
b'See details of a unpublished word by guessing the word ID'
12 Feb 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b's_p_q_r' 
b'[afisha.mail.ru] HTML-???????? ????? XSS ?? ??????? ???????'
12 Feb 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'ruvlol' 
b'blind XXE when uploading avatar in mymail phone app'
12 Feb 2018 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'reptou' 
b'Unrestricted access to https://??????.?????myteksi.net/'
12 Feb 2018 timeline
b'Inflection' disclosed a bug submitted by b'wdem' 
b'Reflected Cross-site Scripting Vulnerability via JSON Error Message'
09 Feb 2018 timeline
b'Mavenlink' disclosed a bug submitted by b'cartooncookies' 
b'[app.mavenlink.com] IDOR to view sensitive information'
09 Feb 2018 timeline
b'VK.com' disclosed a bug submitted by b'pisarenko' 
b'??????????????? ?? ????????? ???????????? ????????? "???????????? ??????? ? ????? ?????"'
09 Feb 2018 timeline
b'VK.com' disclosed a bug submitted by b'lincoln9932' 
b'CSRF ???????? ?????? ?? ????? ????????????, ???? id ??????????. + ????????? ???? ??????????? ?? ?????'
09 Feb 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bayotop' 
b'[html-janitor] Passing user-controlled data to clean() leads to XSS'
09 Feb 2018 timeline
b'RubyGems' disclosed a bug submitted by b'exploit_in' 
b'RCE,SQL,Vulnerability + Exploit Method.'
08 Feb 2018 timeline
b'RubyGems' disclosed a bug submitted by b'gorkhali' 
b'Host Header Injection/Redirection'
08 Feb 2018 timeline
b'RubyGems' disclosed a bug submitted by b'bugs3ra' 
b'Host header Injection rubygems.org'
08 Feb 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'icewater' 
b'Registered users can change app password permissions for any user'
08 Feb 2018 timeline
b'Unikrn' disclosed a bug submitted by b'moritz30' 
b'Non-Cloudflare IPs allowed to access origin servers'
07 Feb 2018 timeline
b'Ruby on Rails' disclosed a bug submitted by b'joernchen' 
b'Unsafe Query Generation (CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155) mitigation bypass'
07 Feb 2018 timeline
b'HackerOne' disclosed a bug submitted by b'kunal94' 
b'ImageMagick GIF coder vulnerability leading to memory disclosure'
07 Feb 2018 timeline
b'Shopify' disclosed a bug submitted by b'cache-money' 
b'Ability to bypass partner email confirmation to take over any store given an employee email'
07 Feb 2018 timeline
b'RBKmoney' disclosed a bug submitted by b'dutchgraa' 
b'DOM-based Cross-Site Scripting in redirect url checkout'
07 Feb 2018 timeline
1 ... 506 507 508 509 510 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM