the unofficial HackerOne disclosure timeline.

X
b'Weblate' disclosed a bug submitted by b'abiral' 
b'Missing restriction on string size'
03 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'inhibitor181' 
b'CSRF - Changing the full name / adding a secondary email identity of an account via a GET request'
02 Jun 2017 timeline
b'Uber' disclosed a bug submitted by b'vijay_kumar' 
b'phone number exposure for riders/drivers given email/uuid'
02 Jun 2017 timeline
b'Starbucks' disclosed a bug submitted by b'bughunterboy' 
b"CSRF: add item to victim's cart automatically (starbucks.com - updatecart)"
02 Jun 2017 timeline
b'Cuvva' disclosed a bug submitted by b'techwerx' 
b'Subdomain take over oh-no.cuvva.co and ohno.cuvva.co'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'sahil-mk' 
b'Captcha Bypass at Email Reset can lead to Spamming users.'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'sp1d3rs' 
b'Information Disclosure on demo.weblate.org'
02 Jun 2017 timeline
b'Cuvva' disclosed a bug submitted by b'introvertmac' 
b'Missing rate-limits at endpoints'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'mrityunjoy-emu' 
b'CSRF bypass ( Delate Source Translation From dictionaries ) in demo.weblate.org'
02 Jun 2017 timeline
b'Cuvva' disclosed a bug submitted by b'jrpeg' 
b'Reflected XSS on Branch domain'
02 Jun 2017 timeline
b'Mail.Ru' disclosed a bug submitted by b'xawdxawdx' 
b'Xss ? https://e.mail.ru/'
02 Jun 2017 timeline
b'Cuvva' disclosed a bug submitted by b'5z6ar7lu15' 
b'Sensitive Support Mail Disclosure'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'4cad' 
b'Uploaded XLF files result in External Entity Execution'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'4cad' 
b'API Does Not Apply Access Controls to Translations'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'asaxena2190' 
b'Design Flaw in session management of password reset '
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'mansoor_gilal' 
b'No notificatoin sent on email after account deletion.'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'sp1d3rs' 
b'Self-XSS can be achieved in the editor link using filter bypass'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'japzdivino' 
b'Login CSRF : Login Authentication Flaw'
02 Jun 2017 timeline
b'Weblate' disclosed a bug submitted by b'chols' 
b'No Rate Limiting at /contact'
02 Jun 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b'Invalid Pointer reference in L_RESCUE'
01 Jun 2017 timeline
1 ... 575 576 577 578 579 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM