Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 56
ooooooo_q: 50
jon_bottarini: 49
haxta4ok00: 48
Now on Twitter: the unofficial HackerOne disclosure timeline.
inDrive disclosed a bug submitted by polem4rch: Change phone number OTP flaw leads to any phone number takeover (09 Oct 2024)
Ruby on Rails disclosed a bug submitted by ooooooo_q: Path traversal in AcitveStorage, and lead RCE (08 Oct 2024)
Ruby on Rails disclosed a bug submitted by trufflesecurity: Sauce Labs API key unencrypted in an old commit (08 Oct 2024)
GitLab disclosed a bug submitted by cryptopone: HTML injection possible with soft email confirmations when Administrator manually confirms attacker email address (08 Oct 2024)
GitLab disclosed a bug submitted by 70rpedo: Maintainer can leak sentry token by changing the configured URL (fix bypass) (08 Oct 2024)
GitLab disclosed a bug submitted by afewgoats: ReDoS due to device-detector parsing user agents (08 Oct 2024)
Mozilla disclosed a bug submitted by anhchangmutrang: User API Key leakage in Github commit leads to unauthorized access to sql.telemetry.mozilla.org (08 Oct 2024)
MTN Group disclosed a bug submitted by hazemhussien99: IDOR at mtnmobad.mtnbusiness.com.ng leads to PII leakage. (05 Oct 2024)
MTN Group disclosed a bug submitted by hazemhussien99: Reflected XSS in https://nin.mtn.ng/nin/success?message=lol&nin=<VULNERABLE> (05 Oct 2024)
AWS VDP disclosed a bug submitted by hesham_elsheme: External service interaction (HTTP) (04 Oct 2024)
IBM disclosed a bug submitted by mersa-v6: SSRF via host header let access localhost via https://go.dialexa.com (03 Oct 2024)
TikTok disclosed a bug submitted by ahmed_xyz: Stored-XSS-ads.tiktok.com (02 Oct 2024)
GitLab disclosed a bug submitted by tefa_: Remove obsolete domain from handbook subdomain (01 Oct 2024)
IBM disclosed a bug submitted by 0xhassan: IBM OpenPages vulnerable to exposure of sensitive information (01 Oct 2024)
Ruby on Rails disclosed a bug submitted by ooooooo_q: XSS when using `translate` in Action Controller (Rails 7.0, 7.1) (01 Oct 2024)
Mattermost disclosed a bug submitted by c0rydoras: Posts sent via websockets aren't sanitized properly (01 Oct 2024)
GitLab disclosed a bug submitted by moblig: IDOR Exposes All Machine Learning Models (01 Oct 2024)
Rocket.Chat disclosed a bug submitted by h0011: The initial E2EE password generated by Rocket.Chat mobile can be recovered in a practical timescale. (01 Oct 2024)
Nintendo disclosed a bug submitted by regginator: [Switch, PIA/MK8DX] Stack buffer overflow and potential RCE in PIA (LAN/LDN, possibly NEX) room info deserialization (30 Sep 2024)
Acronis disclosed a bug submitted by mr-medi: PUT Based CSRF via Client Side Path Traversal + Cookie Bomb on Acronis Cloud (27 Sep 2024)
BY DENIS WERNER - @NOBBD