the unofficial HackerOne disclosure timeline.

X
b'Infogram' disclosed a bug submitted by b'tungpun' 
b'Internal Ports Scanning via Blind SSRF'
03 Nov 2017 timeline
b'IRCCloud' disclosed a bug submitted by b'bagipro' 
b'[IRCCloud Android] Opening arbitrary URLs/XSS in SAMLAuthActivity'
03 Nov 2017 timeline
b'IRCCloud' disclosed a bug submitted by b'bagipro' 
b'[IRCCloud Android] XSS in ImageViewerActivity'
03 Nov 2017 timeline
b'Shopify' disclosed a bug submitted by b'sijad' 
b'stored xss in invited team member via email parameter'
03 Nov 2017 timeline
b'Gratipay' disclosed a bug submitted by b'edio' 
b'CSV injection in gratipay.com via payment history export feature.'
03 Nov 2017 timeline
b'The Internet' disclosed a bug submitted by b'vanhoefm' 
b'Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse'
03 Nov 2017 timeline
b'HackerOne' disclosed a bug submitted by b'exadmin' 
b'Private partial disclosure of h1 infrastructure '
03 Nov 2017 timeline
b'Twitter' disclosed a bug submitted by b'yipman' 
b'[CRITICAL] Full account takeover using CSRF'
03 Nov 2017 timeline
b'Twitter' disclosed a bug submitted by b'eidelweiss' 
b'Unauthorized Access to Protected Tweets via niche.co API'
02 Nov 2017 timeline
b'Twitter' disclosed a bug submitted by b'cornerpirate' 
b"OS Command Execution on User's PC via CSV Injection"
02 Nov 2017 timeline
b'Gratipay' disclosed a bug submitted by b'edio' 
b'Saying goodbye to HackerOne and Gratipay.'
02 Nov 2017 timeline
b'AlienVault ' disclosed a bug submitted by b'hussain_0x3c' 
b'SQL Injection in AlienVault Product Forums'
02 Nov 2017 timeline
b'Gratipay' disclosed a bug submitted by b'edio' 
b'Application-level DoS on image\'s "size" parameter.'
02 Nov 2017 timeline
b'WordPress' disclosed a bug submitted by b'jdgrimes' 
b'Unauthenticated hidden groups disclosure via Ajax groups search'
02 Nov 2017 timeline
b'WordPress' disclosed a bug submitted by b'skansing' 
b'Buddypress 2.9.1 - Exceeding the maximum upload size - XSS leading to potential RCE. '
02 Nov 2017 timeline
b'WordPress' disclosed a bug submitted by b'ysx' 
b'[BuddyPress 2.9.1] Open Redirect via "wp_http_referer" parameter on "bp-profile-edit" endpoint'
02 Nov 2017 timeline
b'AlienVault ' disclosed a bug submitted by b'ducnt_' 
b'DOM Based XSS in https://threatcrowd.org'
02 Nov 2017 timeline
b'concrete5' disclosed a bug submitted by b'bl4de' 
b"Stored XSS vulnerability in additional URLs in 'Location' dialog [Sitemap]"
02 Nov 2017 timeline
b'HackerOne' disclosed a bug submitted by b'nickcas' 
b"View Any Program's Team Members through GET https://hackerone.com/invitations/"
01 Nov 2017 timeline
b'HackerOne' disclosed a bug submitted by b'holvonix-advay' 
b'Search query text, including from potentially undisclosed reports, sent to Google Analytics on Inbox query page'
01 Nov 2017 timeline
1 ... 524 525 526 527 528 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM