the unofficial HackerOne disclosure timeline.

X
b'Badoo' disclosed a bug submitted by b'tikoo_sahil' 
b'CSRF Attack on (m.badoo.com)deleting account and erasing imported contacts'
06 Feb 2017 timeline
b'Phabricator' disclosed a bug submitted by b'denispugachev' 
b'Restricted file access when it exists in old versions of task or wiki document'
06 Feb 2017 timeline
b'Phabricator' disclosed a bug submitted by b'denispugachev' 
b'Enumerating emails through "Forgot Password" form'
06 Feb 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'dem0n1212' 
b'Subdomain Takeover (moderator.ubnt.com)'
06 Feb 2017 timeline
b'Yelp' disclosed a bug submitted by b'jazzy17' 
b'Able to download arbitrary PHP files at yelpblog.com'
06 Feb 2017 timeline
b'Twitter' disclosed a bug submitted by b'hussein98d' 
b'GNIP subdomain take over'
06 Feb 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'icanthack' 
b'SIGABRT - mrb_default_allocf '
05 Feb 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'icanthack' 
b'Segmentation fault on program counter'
05 Feb 2017 timeline
b'LocalTapiola' disclosed a bug submitted by b'zenhax' 
b'HTTP status code manipluation & java stack trace '
04 Feb 2017 timeline
b'LocalTapiola' disclosed a bug submitted by b'frankie_xote' 
b'Enumeration in unsubscribe -function of /omatalousuk (viestinta.lahitapiola.fi)'
04 Feb 2017 timeline
b'LocalTapiola' disclosed a bug submitted by b'kelia' 
b'Open Redirect bypass and cookie leakage on www.lahitapiola.com'
04 Feb 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'japzdivino' 
b'Password complexity requirements not enforced'
04 Feb 2017 timeline
b'Starbucks' disclosed a bug submitted by b'meals' 
b'Java Deserialization RCE via JBoss JMXInvokerServlet/EJBInvokerServlet on card.starbucks.in'
03 Feb 2017 timeline
b'LocalTapiola' disclosed a bug submitted by b'eeko' 
b'Suspicious browser fingerprinting(?) scripts on http://www.lahitapiola.fi/ redirector'
03 Feb 2017 timeline
b'Twitter' disclosed a bug submitted by b'akhil-reni' 
b'Stealing User emails by clickjacking cards.twitter.com/xxx/xxx'
03 Feb 2017 timeline
b'LocalTapiola' disclosed a bug submitted by b'bobrov' 
b'Multiple Reflected XSS /webApp/lahti (viestinta.lahitapiola.fi)'
03 Feb 2017 timeline
b'Trello' disclosed a bug submitted by b'dhaval' 
b'Full Sub Domain Takeover at help.trello.com.'
02 Feb 2017 timeline
b'Automattic' disclosed a bug submitted by b'muhammadkhizerjaved' 
b'cloudup Subdomain Takeover That resolves to Desk.com ( CNAME cloudup.desk.com ) '
02 Feb 2017 timeline
b'Pushwoosh' disclosed a bug submitted by b'falldi' 
b'Clickjacking'
02 Feb 2017 timeline
b'WebSummit' disclosed a bug submitted by b'dhaval' 
b'Full Sub Domain Takeover at s3.websummit.net'
02 Feb 2017 timeline
1 ... 611 612 613 614 615 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM