Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'65 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Tools for Humanity' disclosed a bug submitted by b'aghayeone' 
b'IDOR - Leaking of team data (name, email, ID, member ID) via POST /api/v1/graphql `FetchMemberships` operation'
09 May 2024 timeline
b'Teleport' disclosed a bug submitted by b'mr_asg' 
b'A member with editor permissions can create an access list that cannot be modified, viewed, or deleted'
08 May 2024 timeline
b'Mattermost' disclosed a bug submitted by b'ramsakal7582' 
b"Member role which doesn't have permission to send message can send by executing channel commands"
08 May 2024 timeline
b'Shipt' disclosed a bug submitted by b'doomerhunter' 
b"Improper Access Control + Financial fraud allows attacker to disclose + add arbitrary products to another's user's order "
08 May 2024 timeline
b'curl' disclosed a bug submitted by b'z3r0yu' 
b'Incorrect Type Conversion in interpreting IPv4-mapped IPv6 addresses and below `curl` results in indeterminate SSRF vulnerabilities.'
08 May 2024 timeline
b'IBM' disclosed a bug submitted by b'redyetihacks' 
b'XSS in Aspera documentation website'
06 May 2024 timeline
b'Liberapay' disclosed a bug submitted by b'mrrobot2050' 
b'Unsafe yaml load can lead to remote code execution'
04 May 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'maskedpersian' 
b'Reflected XSS via Keycloak on [CVE-2021-20323]'
03 May 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'maskedpersian' 
b'reflected xss [CVE-2020-3580]'
03 May 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'neg0x' 
b'Reflected Cross-site Scripting via search query on '
03 May 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'kurogai' 
b'Reflected XSS on error message on Login Page'
03 May 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'maskedpersian' 
b'Reflected XSS via Moodle on [CVE-2022-35653]'
03 May 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'neg0x' 
b"SQL injection on via 'where' parameter"
03 May 2024 timeline
b'Node.js' disclosed a bug submitted by b'uzlopak' 
b'fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect'
03 May 2024 timeline
b'Node.js' disclosed a bug submitted by b'iylz' 
b'Proxy-Authorization header not cleared on cross-origin redirect in undici.request'
03 May 2024 timeline
b'Node.js' disclosed a bug submitted by b'bpingel' 
b'HTTP Request Smuggling via Content Length Obfuscation'
03 May 2024 timeline
b'Adobe' disclosed a bug submitted by b'renzi' 
b"Adobe Experience Manager 'Childlist selector' - Cross-Site Scripting on cbconnection.adobe.com"
02 May 2024 timeline
b'Deriv.com' disclosed a bug submitted by b'zacian' 
b'Mailgun subdomain takeover '
02 May 2024 timeline
b'Shopify' disclosed a bug submitted by b'ryanmoles6' 
b'Production Key and Data Found on Subdomain No Longer Operated by Shopify / Dangling DNS'
01 May 2024 timeline
b'Shopify' disclosed a bug submitted by b'niraj1mahajan' 
b'No Session Expiry after log-out, attacker can reuse the old cookies'
01 May 2024 timeline
1 ... 52 53 54 55 56 ... 747
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM