the unofficial HackerOne disclosure timeline.

X
b'General Motors' disclosed a bug submitted by b'signalchaos' 
b'Angular Expression Injection in the my.gmc.com Search Page'
09 Jun 2017 timeline
b'General Motors' disclosed a bug submitted by b'secdoor' 
b'Reflected XSS and something more Store XSS too'
09 Jun 2017 timeline
b'General Motors' disclosed a bug submitted by b's_p_q_r' 
b'IE search XSS'
09 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'r0h17' 
b"Stored XSS templates -> 'call for action' feature"
09 Jun 2017 timeline
b'Starbucks' disclosed a bug submitted by b'inhibitor181' 
b'Reflected XSS on teavana.com (Locale-Change)'
09 Jun 2017 timeline
b'GitLab' disclosed a bug submitted by b'jobert' 
b'GFM renderer leaks external issue tracker URL of private project'
08 Jun 2017 timeline
b'Shopify' disclosed a bug submitted by b'todayisnew' 
b'Shopify GitHub Login and Password exposed all private source code might be available.'
08 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'atruba' 
b'Open redirect while disconnecting Email'
08 Jun 2017 timeline
b'LibSass' disclosed a bug submitted by b'geeknik' 
b'null pointer dereference in Sass::Eval::operator()(Sass::Map*)'
08 Jun 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'js_whitehat' 
b'ci.nextcloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service)'
08 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'gsecure' 
b'Open redirect while disconnecting authenticated account'
08 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'phspade' 
b'Email Leakage in staging environment'
07 Jun 2017 timeline
b'VK.com' disclosed a bug submitted by b'all_universe' 
b'??????? SSL-??????????? ??? ????? ?????? ? ?????? ?????????? ???????->?????? ? API ?????????????????? ?????????????.'
07 Jun 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'ahsankhan' 
b'DOM XSS vulnerability in search dialogue (NC-SA-2017-007)'
07 Jun 2017 timeline
b'Automattic' disclosed a bug submitted by b'sainaen' 
b"An Automattic employee's GitHub personal access token exposed in Travis CI build logs"
06 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'bengman' 
b'CRLF Injection on https://vpn.mixmax.com'
06 Jun 2017 timeline
b'Cuvva' disclosed a bug submitted by b'amaljacob7531' 
b'Session cookie without secure flag on https://underwriter.partner.cuvva.com'
06 Jun 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'lukasreschke' 
b'Stored XSS in Gallery application (NC-SA-2017-010)'
06 Jun 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'lukasreschke' 
b'Share tokens for public calendars disclosed (NC-SA-2017-011)'
06 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'sh3r1' 
b'[compose.mixmax.com] Stored XSS on compose.mixmax.com in contact names.'
06 Jun 2017 timeline
1 ... 569 570 571 572 573 ... 764
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM