the unofficial HackerOne disclosure timeline.

X
b'Open-Xchange' disclosed a bug submitted by b'haquaman' 
b'Stored XSS in Template Documents'
28 Dec 2016 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'wra-ggs' 
b'HTTP OPTION Method is Enabled on portswigger.net '
27 Dec 2016 timeline
b'Gratipay' disclosed a bug submitted by b'dr-cdqh' 
b'Content type incorrectly stated'
27 Dec 2016 timeline
b'Gratipay' disclosed a bug submitted by b'aa23' 
b'User Enumeration'
27 Dec 2016 timeline
b'Mail.Ru' disclosed a bug submitted by b'cyberpunkych' 
b'Stored XSS ?? street-combats.mail.ru'
26 Dec 2016 timeline
b'LocalTapiola' disclosed a bug submitted by b'cyriac' 
b'SQL Injection in sijoitustalous_peruutus (viestinta.lahitapiola.fi)'
26 Dec 2016 timeline
b'LocalTapiola' disclosed a bug submitted by b'bobrov' 
b'Open Redirect (verkkopalvelu.lahitapiola.fi)'
26 Dec 2016 timeline
b'Instacart' disclosed a bug submitted by b'sameoldstory' 
b'Access private list metadata'
24 Dec 2016 timeline
b'Dovecot' disclosed a bug submitted by b'c4pt4ink1dd' 
b'Directory listing'
24 Dec 2016 timeline
b'Twitter' disclosed a bug submitted by b'floyd' 
b'Twitter iOS fails to validate server certificate and sends oauth token'
23 Dec 2016 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'hogarth45' 
b'Unrestricted File Upload'
22 Dec 2016 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'atik-rahman' 
b'DNS Misconfiguration'
22 Dec 2016 timeline
b'shopify-scripts' disclosed a bug submitted by b'dkasak' 
b'Broken handling of maximum number of method call arguments leads to segfault'
21 Dec 2016 timeline
b'OWOX, Inc.' disclosed a bug submitted by b'quistertow' 
b'HTTP Response Splitting(CRLF injection) in bi.owox.com'
20 Dec 2016 timeline
b'Starbucks' disclosed a bug submitted by b'gribdan' 
b'Subdomain takeover on happymondays.starbucks.com due to non-used AWS S3 DNS record'
19 Dec 2016 timeline
b'Starbucks' disclosed a bug submitted by b'meals' 
b'www.starbucks.co.uk Reflected XSS via utm_source parameter'
19 Dec 2016 timeline
b'InVision' disclosed a bug submitted by b'gr4ys' 
b'Content Spoofing - Signout Warning Page'
18 Dec 2016 timeline
b'shopify-scripts' disclosed a bug submitted by b'haquaman' 
b'Invalid memory write caused by incorrect upper bound in array_copy'
18 Dec 2016 timeline
b'shopify-scripts' disclosed a bug submitted by b'haquaman' 
b'Buffer overflow in mrb_time_asctime'
18 Dec 2016 timeline
b'shopify-scripts' disclosed a bug submitted by b'haquaman' 
b'Read after free in mrb_vm_exec with OP_ARYCAT reading R(B)'
18 Dec 2016 timeline
1 ... 619 620 621 622 623 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM