the unofficial HackerOne disclosure timeline.

X
b'Gratipay' disclosed a bug submitted by b'ru94mb' 
b'Markdown parsing issue enables insertion of malicious tags'
21 Aug 2017 timeline
b'Gratipay' disclosed a bug submitted by b'drstache' 
b'Submit a non valid syntax email'
21 Aug 2017 timeline
b'Gratipay' disclosed a bug submitted by b'atom' 
b'Directory Listing on grtp.co'
21 Aug 2017 timeline
b'Mail.Ru' disclosed a bug submitted by b'0x01337' 
b'Logical Vulnerability : REDIRECTING on pw.mail.ru by Parameter Spoofing'
21 Aug 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'tejpratap' 
b'Weak Cryptography for Passwords'
21 Aug 2017 timeline
b'arxius' disclosed a bug submitted by b'alirazzaq' 
b'No Email Verification and No email sent on Forget Pasword'
20 Aug 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'gujjuboy10x00' 
b'Missing Issuer parameter on TOTP 2FA'
20 Aug 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'gujjuboy10x00' 
b'Change password logic inversion'
20 Aug 2017 timeline
b'Weblate' disclosed a bug submitted by b'chols' 
b'Password Restriction'
19 Aug 2017 timeline
b'Zomato' disclosed a bug submitted by b'kuromatae' 
b'Posting to Twitter CSRF on php/post_twitter_authenticate.php'
19 Aug 2017 timeline
b'Weblate' disclosed a bug submitted by b'asaxena2190' 
b'Improper validation of unicode characters'
19 Aug 2017 timeline
b'Snapchat' disclosed a bug submitted by b'nahamsec' 
b'RCE/LFI on test Jenkins instance due to improper authentication flow'
19 Aug 2017 timeline
b'Twitter' disclosed a bug submitted by b'malcolmx' 
b'Open Redirect'
19 Aug 2017 timeline
b'Snapchat' disclosed a bug submitted by b'preben_ve' 
b'Open prod Jenkins instance'
19 Aug 2017 timeline
b'Harvest' disclosed a bug submitted by b'vijay_kumar1110' 
b'CSRF bypass on Submit Time sheet for Approval'
18 Aug 2017 timeline
b'concrete5' disclosed a bug submitted by b'bl4de' 
b'Stored XSS vulnerability in RSS Feeds Description field'
18 Aug 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'rehan' 
b'Password reset form ignores email field'
18 Aug 2017 timeline
b'Weblate' disclosed a bug submitted by b'platinum1933' 
b'Weak password policy'
18 Aug 2017 timeline
b'concrete5' disclosed a bug submitted by b'bl4de' 
b'Stored XSS in Name field in User Groups/Group Details form'
17 Aug 2017 timeline
b'concrete5' disclosed a bug submitted by b'bl4de' 
b"Stored XSS in Private Messages 'Reply' allows to execute malicious JavaScript against any user while replying to the message which contains payload"
17 Aug 2017 timeline
1 ... 548 549 550 551 552 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM