the unofficial HackerOne disclosure timeline.

X
b'ThisData' disclosed a bug submitted by b'pabster' 
b'Insecure Cache-Control Leading to API key Retrieval'
18 Jul 2017 timeline
b'Mixmax' disclosed a bug submitted by b'cablej' 
b'SSRF via webhook'
18 Jul 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'babayaga_' 
b'Intercom chat session information persists after logout'
18 Jul 2017 timeline
b'WakaTime' disclosed a bug submitted by b'3thic4l' 
b'No rate limit on creating private leaderboards.'
18 Jul 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'fletcherr' 
b'User enumeration'
18 Jul 2017 timeline
b'WordPress' disclosed a bug submitted by b'skansing' 
b'Wordpress 4.7.2 - Two XSS in Media Upload when file too large.'
17 Jul 2017 timeline
b'WordPress' disclosed a bug submitted by b'skansing' 
b'Infrastructure - Photon - SSRF'
17 Jul 2017 timeline
b'Slack' disclosed a bug submitted by b'bagipro' 
b'Access of Android protected components via embedded intent'
17 Jul 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'todayisnew' 
b'Domain takeover (legalrobot.co.za)'
17 Jul 2017 timeline
b'Rockstar Games' disclosed a bug submitted by b'netfuzzer' 
b'XSS in http://www.rockstargames.com/theballadofgaytony/js/jquery.base.js'
17 Jul 2017 timeline
b'Mail.Ru' disclosed a bug submitted by b'haxta4ok00' 
b'????? basic ??????????? [qpt.mail.ru]'
17 Jul 2017 timeline
b'ICQ' disclosed a bug submitted by b'linkks' 
b'Apache Server-Status Detected'
17 Jul 2017 timeline
b'Mixmax' disclosed a bug submitted by b'konkakarthik' 
b'mailbomb through invite feature on chrome addon'
16 Jul 2017 timeline
b'HackerOne' disclosed a bug submitted by b'h33t' 
b'Invitation tokens leak to Google Analytics'
16 Jul 2017 timeline
b'Mixmax' disclosed a bug submitted by b'michan001' 
b'no string size restriction on team name'
16 Jul 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'goodhackonly' 
b'Missing link to 2FA recovery code'
15 Jul 2017 timeline
b'Slack' disclosed a bug submitted by b'fbogner' 
b"Code Injection in Slack's Windows Desktop Client leads to Privilege Escalation"
14 Jul 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'xyberwolf' 
b'Directory Listing In Subdomain Of nextcloud.com'
14 Jul 2017 timeline
b'WordPress' disclosed a bug submitted by b'eidelweiss' 
b'Stored self-XSS in mercantile.wordpress.org checkout'
14 Jul 2017 timeline
b'concrete5' disclosed a bug submitted by b'bl4de' 
b'Stored XSS in Headline TextControl element in Express forms [ concrete5 8.1.0 ]'
14 Jul 2017 timeline
1 ... 556 557 558 559 560 ... 764
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM