the unofficial HackerOne disclosure timeline.

X
b'Weblate' disclosed a bug submitted by b'footstep' 
b'Running 2 accounts with a single email'
18 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'secachhunew' 
b'HttpOnly Flag not set '
18 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'smit' 
b'Missing restriction on string size of Full Name at https://demo.weblate.org/accounts/register/'
18 May 2017 timeline
b'concrete5' disclosed a bug submitted by b'cdl' 
b'Stored XSS in Express Objects - Concrete5 v8.1.0'
17 May 2017 timeline
b'concrete5' disclosed a bug submitted by b'cdl' 
b'Stored XSS in RSS Feeds Title (Concrete5 v8.1.0)'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'eugui' 
b'Notify user about password change'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'jaypatel' 
b'No BruteForce Protection'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'jaypatel' 
b'CSRF : Reset API '
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'jaypatel' 
b'CSV Injection with the CSV export feature'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'jaypatel' 
b'CSRF : Lock and Unlock Translation'
17 May 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'simongurney' 
b'AirFibre products vulnerable to HTTP Header injection'
17 May 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'simongurney' 
b'Can upload files without authentication on AirFibre 3.2'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'twicedi' 
b'Weak e-mail change functionality could lead to account takeover'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'csanuragjain' 
b'Self XSS at translation page through Editor Link at demo.weblate.org'
17 May 2017 timeline
b'Uber' disclosed a bug submitted by b'procode701' 
b'password reset token leaking allowed for ATO of an Uber account'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'pavanw3b' 
b'session id missing secure flag - Hosted Website'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'atruba' 
b'Rate Limit Bypass on login Page'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'atruba' 
b'User Enumeration when adding email to account'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'atruba' 
b'Spamming any user from Reset Password Function'
17 May 2017 timeline
b'Weblate' disclosed a bug submitted by b'edio' 
b'CSV export filter bypass leads to formula injection.'
17 May 2017 timeline
1 ... 582 583 584 585 586 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM