the unofficial HackerOne disclosure timeline.

X
b'Stellar.org' disclosed a bug submitted by b'v1nsh4n' 
b'Session Cookie without HttpOnly and secure flag set'
14 Jun 2017 timeline
b'WordPress' disclosed a bug submitted by b'pabster' 
b'DOM Based XSS In mercantile.wordpress.org'
14 Jun 2017 timeline
b'YouPorn' disclosed a bug submitted by b'sp1d3rs' 
b'DOM-based XSS on youporn.com (main page)'
13 Jun 2017 timeline
b'Pornhub' disclosed a bug submitted by b'cyber-guard' 
b'Unsecured DB instance'
13 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'mrreboot' 
b'Missing restriction on string size of contact field'
13 Jun 2017 timeline
b'YouPorn' disclosed a bug submitted by b'cyber-guard' 
b'Account hijack via deleted PH account'
13 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'imran_hadid' 
b'Takeover of an account via reset password options after removing the account'
13 Jun 2017 timeline
b'Stellar.org' disclosed a bug submitted by b'mrr3boot' 
b'HTTP - Basic Authentication on https://www.stellar.org/wp-login.php'
13 Jun 2017 timeline
b'QIWI' disclosed a bug submitted by b'pengenkiddy' 
b'Xss on billing'
13 Jun 2017 timeline
b'QIWI' disclosed a bug submitted by b'pengenkiddy' 
b'[XSS/pay.qiwi.com] Pay SubDomain Hard-Use XSS'
13 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'fixit' 
b'Attacker can trick other into logging in as themselves'
13 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'ashishdhaduk' 
b'Security Vulnerability - SMTP protection not used'
13 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'mrr3boot' 
b'Clickjacking on Mixmax.com'
13 Jun 2017 timeline
b'Mixmax' disclosed a bug submitted by b'sh3r1' 
b'[app.mixmax.com] Stored XSS on Adding new enhancement.'
13 Jun 2017 timeline
b'Brave Software' disclosed a bug submitted by b'tsug0d' 
b"invalid homepage URL causes 'uncaught typeerror' or blank state"
12 Jun 2017 timeline
b'Gratipay' disclosed a bug submitted by b'whit537' 
b'change bank account numbers'
12 Jun 2017 timeline
b'Bumble' disclosed a bug submitted by b'dark_heaven' 
b'CSRF bug '
12 Jun 2017 timeline
b'Algolia' disclosed a bug submitted by b'sainaen' 
b'An \xe2\x80\x9calgobot\xe2\x80\x9d-s GitHub access token was leaked'
10 Jun 2017 timeline
b'General Motors' disclosed a bug submitted by b'mystech7' 
b'Flash XSS on global nav'
09 Jun 2017 timeline
b'General Motors' disclosed a bug submitted by b'adrianomarcmont' 
b'Reflected Cross Site Script in www.gmcar.gm.com'
09 Jun 2017 timeline
1 ... 569 570 571 572 573 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM