the unofficial HackerOne disclosure timeline.

X
b'OLX' disclosed a bug submitted by b'ph0b0s' 
b'Reflected XSS in olx.pt'
06 Apr 2017 timeline
b'Twitter' disclosed a bug submitted by b'mindaugas' 
b'SSRF in https://cards-dev.twitter.com/validator'
06 Apr 2017 timeline
b'GitLab' disclosed a bug submitted by b'eadz' 
b'Open redirect'
06 Apr 2017 timeline
b'OLX' disclosed a bug submitted by b'mohamedsherif' 
b'yaman.olx.ph/wordpress is using a very vulnerable version of WordPress and contains directory listing'
06 Apr 2017 timeline
b'GitLab' disclosed a bug submitted by b'ysx' 
b'[Repository Import] Open Redirect via "continue[to]" parameter '
06 Apr 2017 timeline
b'Phabricator' disclosed a bug submitted by b'edio' 
b'Phabricator is vulnerable to padding oracle attacks and chosen-ciphertext attacks.'
05 Apr 2017 timeline
b'Gratipay' disclosed a bug submitted by b'mhashim29' 
b'Inadequate/dangerous jQuery behavior'
05 Apr 2017 timeline
b'HackerOne' disclosed a bug submitted by b'0xffe4' 
b'Transitioning a Private Program to Public Does Not Clear Previously Private Updates to Hackers'
05 Apr 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'm7mdharoun' 
b'Design Issues on ( ??? ) Lead to show ( IPS of Users ) '
05 Apr 2017 timeline
b'Ruby' disclosed a bug submitted by b'cloudyvirus' 
b'RCE (Remote Code Execution) Vulnerability on Ruby'
05 Apr 2017 timeline
b'Quora' disclosed a bug submitted by b'bobrov' 
b'[Android] XSS via start ContentActivity'
05 Apr 2017 timeline
b'Trello' disclosed a bug submitted by b'kartik1202' 
b'Rate limiting of incorrect Two Factor Authentication codes not enforced'
04 Apr 2017 timeline
b'Souq.com' disclosed a bug submitted by b'mohammedalsaggaf' 
b'reflected xss on search bar (uae.souq.com)'
04 Apr 2017 timeline
b'Phabricator' disclosed a bug submitted by b'kevin_c' 
b'An unsafe design practice in the Passphrase may result in Secret being accidentally changed.'
04 Apr 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b'Heap Buffer Overflow while processing OP_SEND'
03 Apr 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b"Null pointer dereference in 'get_file'"
03 Apr 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b'Invalid Pointer Reference from OP_RESCUE'
03 Apr 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'jerusha' 
b'Content Spoofing or Text Injection in (403 forbidden page injection) and Nginx version disclosure via response header'
03 Apr 2017 timeline
b'Twitter' disclosed a bug submitted by b'filedescriptor' 
b'DOMXSS in Tweetdeck'
02 Apr 2017 timeline
b'Twitter' disclosed a bug submitted by b'yaworsk' 
b'niche s3 buckets are readable/writeable/deleteable by authorized AWS users'
02 Apr 2017 timeline
1 ... 595 596 597 598 599 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM