Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'65 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'curl' disclosed a bug submitted by b'w0x42' 
b'CVE-2024-2398: HTTP/2 push headers memory-leak'
27 Mar 2024 timeline
b'curl' disclosed a bug submitted by b'fullmetal5' 
b'CVE-2024-2379: QUIC certificate check bypass with wolfSSL'
27 Mar 2024 timeline
b'GoCD' disclosed a bug submitted by b'redyetihacks' 
b'XSS in GOCD Analytics Plugin'
27 Mar 2024 timeline
b'X (Formerly Twitter)' disclosed a bug submitted by b'itsdavid' 
b'Bypassing x profile verification to receive instant blue checkmark and unlimited profile changes'
26 Mar 2024 timeline
b'HackerOne' disclosed a bug submitted by b'0verw4tch' 
b"View any user email using the Team's audit log section"
26 Mar 2024 timeline
b'HackerOne' disclosed a bug submitted by b'0verw4tch' 
b'Creation of bounties through Customer API leads to private email disclosure'
26 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'oxylis' 
b' leaking PII of tour visitors (names, email addresses, phone numbers) via misconfigured record permissions'
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'archyxsec' 
b'Improper Authentication (Login without Registration with any user) at '
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'chor4o' 
b'Xss - '
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'chor4o' 
b'Xss Parameter: /<s>/[*]/<s>.css '
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'dishant_singh' 
b'Attacker can Add itself as admin user and can also change privileges of Existing Users []'
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'chor4o' 
b'Parmetro XSS: Nome de usurio - '
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'geej' 
b'Resource Injection - []'
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'elevenoo1' 
b'Full Access to sonarQube and Docker'
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'anonymlss' 
b'Reflective Cross Site Scripting (XSS) on /Pages'
22 Mar 2024 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'dishant_singh' 
b'DBMS information getting exposed publicly on -- [ ]'
22 Mar 2024 timeline
b'ownCloud' disclosed a bug submitted by b'kolokokop' 
b'Authentication Bypass with usage of PreSignedURL'
22 Mar 2024 timeline
b'8x8 Bounty' disclosed a bug submitted by b'pentestor' 
b'Open Redirect via Non-Latin Subdomain in vcc-*.8x8.com/AGUI/.php'
20 Mar 2024 timeline
b'Frontegg' disclosed a bug submitted by b'bugsv2' 
b'PATCH method manipulation allowing the users to escalate their functionalities and edit (upgrade/downgrade) API Keys settings which is not allowed'
20 Mar 2024 timeline
b'Frontegg' disclosed a bug submitted by b'bugsv2' 
b'Bypassing the block of Security Domain Restriction and normally invite blocked domains with special characters '
20 Mar 2024 timeline
1 ... 55 56 57 58 59 ... 747
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM