Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
haxta4ok00: 49
jon_bottarini: 49
The unofficial HackerOne disclosure timeline.
Cuvva disclosed a bug submitted by shepard
https://admin.corp.cuvva.co/ is vulnerable to Clickjacking attacks due to missing X-Frame-Options
24 May 2017

Rockstar Games disclosed a bug submitted by rz01
<- Critical IDOR vulnerability in socialclub allow to insert and delete comments as another user and it discloses sensitive information ->
24 May 2017

OLX disclosed a bug submitted by anonymans
Combined attacks leading to stealing user's account
24 May 2017

Maximum disclosed a bug submitted by exr
Cross-site Scripting (XSS) on [maximum.nl]
24 May 2017

Cuvva disclosed a bug submitted by kenziy
cuvva.com website CSP "script-src" includes "unsafe-inline"
24 May 2017

Cuvva disclosed a bug submitted by d04k34d3v1l
RC4 cipher suit in use in vpn.corp.cuvva.co
24 May 2017

Rockstar Games disclosed a bug submitted by exception
Profile bio at rockstar is accepting control characters
23 May 2017

Rockstar Games disclosed a bug submitted by exception
Control Character Injection In Messages
23 May 2017

HackerOne disclosed a bug submitted by mikkocarreon
Information leakage via CSV when content is valid JavaScript
23 May 2017

Weblate disclosed a bug submitted by mrr3boot
CSP "script-src" includes "unsafe-inline" in weblate.org and demo.weblate.org
23 May 2017

HackerOne disclosed a bug submitted by jigarthakkar39
Race condition leads to duplicate payouts
23 May 2017

ownCloud disclosed a bug submitted by lukasreschke
HTML injection in Desktop Client
23 May 2017

HackerOne disclosed a bug submitted by sainaen
A HackerOne employee's GitHub personal access token exposed in Travis CI build logs
23 May 2017

HackerOne disclosed a bug submitted by dhauenstein
www.hackerone.com website CSP "script-src" includes "unsafe-inline"
23 May 2017

HackerOne disclosed a bug submitted by japzdivino
Report invitation links not restricted to any existing user
23 May 2017

HackerOne disclosed a bug submitted by whhackersbr
Changing Victim's JIRA Integration Settings Through Multiple Bugs
23 May 2017

Quora disclosed a bug submitted by panther
self xss in
22 May 2017

Twitter disclosed a bug submitted by kedrisch
[URGENT] Opportunity to publish tweets on any twitters account
22 May 2017

Trello disclosed a bug submitted by obi95
api flaw
22 May 2017

Shopify disclosed a bug submitted by bored-engineer
XSS in $shop$.myshopify.com/admin/ via "Button Objects" in malicious app
22 May 2017
BY DENIS WERNER - @NOBBD