the unofficial HackerOne disclosure timeline.

X
b'concrete5' disclosed a bug submitted by b'sts' 
b'Reflected XSS vulnerability in Database name field on installation screen'
20 Jan 2018 timeline
b'HackerOne' disclosed a bug submitted by b'666reda' 
b'Submitted reports state logs leakage'
19 Jan 2018 timeline
b'Inflection' disclosed a bug submitted by b'hackedbrain' 
b'Information Disclosure and Privilege Escalation in app.goodhire.com/member/developers/api-settings'
18 Jan 2018 timeline
b'SEMrush' disclosed a bug submitted by b'inferno-' 
b'Reflected XSS using Header Injection'
18 Jan 2018 timeline
b'Blockstack' disclosed a bug submitted by b'firestone' 
b'Weak crossdomain.xml'
18 Jan 2018 timeline
b'Pushwoosh' disclosed a bug submitted by b'protector47' 
b'Development configuration file'
18 Jan 2018 timeline
b'shopify-scripts' disclosed a bug submitted by b'ahihi' 
b'SEGV on ary_concat'
17 Jan 2018 timeline
b'shopify-scripts' disclosed a bug submitted by b'ahihi' 
b'heap-buffer-overflow in OP_R_BREAK'
17 Jan 2018 timeline
b'shopify-scripts' disclosed a bug submitted by b'ahihi' 
b'heap-use-after-free in OP_RESCUE'
17 Jan 2018 timeline
b'Showmax' disclosed a bug submitted by b'ven0ms' 
b'Query string parameter modifications returned in page'
16 Jan 2018 timeline
b'AlienVault ' disclosed a bug submitted by b'cujanovic' 
b'DNS pinning SSRF'
16 Jan 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'muon4' 
b'Cleartext protocol after bank authentication (yrityspalvelu.tapiola.fi)'
14 Jan 2018 timeline
b'ok.ru' disclosed a bug submitted by b'lincoln9932' 
b'XSS ? ?????? ??????????'
13 Jan 2018 timeline
b'Cloudflare' disclosed a bug submitted by b'webster' 
b'Cloudflare does not sufficiently truncate credit card numbers in invoices'
12 Jan 2018 timeline
b'Coursera' disclosed a bug submitted by b'ahsankhan' 
b'XSS Stored'
12 Jan 2018 timeline
b'Rockstar Games' disclosed a bug submitted by b'alexbirsan' 
b'SMB SSRF in emblem editor exposes taketwo domain credentials, may lead to RCE'
12 Jan 2018 timeline
b'concrete5' disclosed a bug submitted by b'gamliel' 
b'Host Header Injection allow HiJack Password Reset Link'
12 Jan 2018 timeline
b'concrete5' disclosed a bug submitted by b'egix' 
b'Unsafe usage of Host HTTP header in Concrete5 version 5.7.3.1'
11 Jan 2018 timeline
b'Data Processing (IBB)' disclosed a bug submitted by b'fms' 
b"cURL / libcURL - CVE-2016-8624 invalid URL parsing with '#'"
11 Jan 2018 timeline
b'Quora' disclosed a bug submitted by b'stefanofindsbugs' 
b'XSS when clicking "Share to Twitter" at quora.com/widgets/embed_iframe?path=...'
11 Jan 2018 timeline
1 ... 509 510 511 512 513 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM