the unofficial HackerOne disclosure timeline.

X
b'Ed' disclosed a bug submitted by b'sp1d3rs' 
b'Oauth flow on the comments widget login can lead to the access code leakage'
24 Nov 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'hacknroll' 
b'Privilege Escalation using API->Feature'
24 Nov 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'hacknroll' 
b'CSRF: Replacing the router configuration backup having an \'operator\' user and bypassing the "Referer:\' whitelist protection'
24 Nov 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'hacknroll' 
b'Privilege Escalation: From operator to ubnt (and root) with non-interactive Session Hijacking'
24 Nov 2017 timeline
b'Infogram' disclosed a bug submitted by b'muon4' 
b'Persistent XSS in share button'
23 Nov 2017 timeline
b'WakaTime' disclosed a bug submitted by b'noob-walid' 
b'SSH backdated version open port'
23 Nov 2017 timeline
b'OWOX, Inc.' disclosed a bug submitted by b'sp1d3rs' 
b'Server-side cache poisoning leads to the http://my.dev.owox.com inaccessibility'
23 Nov 2017 timeline
b'HackerOne' disclosed a bug submitted by b'pinoywhitehat' 
b'IDOR on Program Visibilty (Revealed / Concealed) against other team members'
23 Nov 2017 timeline
b'Infogram' disclosed a bug submitted by b'sp1d3rs' 
b'Stored XSS in the Custom Logo link (non-Basic plan required)'
23 Nov 2017 timeline
b'HackerOne' disclosed a bug submitted by b'zuriel' 
b'Introspection query leaks sensitive graphql system information.'
22 Nov 2017 timeline
b'Yelp' disclosed a bug submitted by b'overlax' 
b'Nginx version disclosure via forbidden page'
21 Nov 2017 timeline
b'HackerOne' disclosed a bug submitted by b'what94' 
b'Reverse Tabnabbing Vulnerability in Outgoing Links'
21 Nov 2017 timeline
b'Mail.Ru' disclosed a bug submitted by b'lincoln9932' 
b'XSS ????? ????????? ??????.'
21 Nov 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'kushal89shah' 
b'Security: Publicly accessible x.509 Public and Private Key of Ubiquiti Networks.'
20 Nov 2017 timeline
b'Mail.Ru' disclosed a bug submitted by b'whitesector' 
b'reflected XSS on healt.mail.ru'
20 Nov 2017 timeline
b'WordPress' disclosed a bug submitted by b'skansing' 
b'Wordpress 4.7 - CSRF -> HTTP SSRF any private ip:port and basic-auth'
20 Nov 2017 timeline
b'Twitter' disclosed a bug submitted by b'segumarc' 
b'Listing of Amazon S3 Bucket accessible to any amazon authenticated user (metrics.pscp.tv)'
19 Nov 2017 timeline
b'WordPress' disclosed a bug submitted by b'sikic' 
b'Authenticated Cross-site Scripting in Template Name'
18 Nov 2017 timeline
b'Slack' disclosed a bug submitted by b'kamikaze' 
b'Bypass two-factor authentication'
18 Nov 2017 timeline
b'Tor' disclosed a bug submitted by b'closer' 
b'Access to local file system using javascript'
18 Nov 2017 timeline
1 ... 518 519 520 521 522 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM