the unofficial HackerOne disclosure timeline.

X
b'Trello' disclosed a bug submitted by b'ak1t4' 
b'Can run arbitrary script on em.trello.com'
30 Nov 2016 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'opnsec' 
b'XSS in IE11 on portswigger.net via Flash'
30 Nov 2016 timeline
b'HackerOne' disclosed a bug submitted by b'japzdivino' 
b'Internal attachments can be exported via "Export as .zip" feature'
30 Nov 2016 timeline
b'Zendesk' disclosed a bug submitted by b'gribdan' 
b'AWS S3 bucket writable for authenticated aws user'
29 Nov 2016 timeline
b'Shopify' disclosed a bug submitted by b'clarck-owen' 
b'Able to Login deactivated staff account in shopify app mobile'
29 Nov 2016 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'arneswinnen' 
b'Authentication bypass on sso.ubnt.com via subdomain takeover of ping.ubnt.com'
29 Nov 2016 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'vibhuti_i' 
b'IDOR Causing Deletion of any account'
29 Nov 2016 timeline
b'HackerOne' disclosed a bug submitted by b'faisalahmed' 
b'Partial disclosure of report activity through new "Export as .zip" feature'
29 Nov 2016 timeline
b'Slack' disclosed a bug submitted by b'narendrabhati' 
b'Rate-limit bypass'
28 Nov 2016 timeline
b'Coinbase' disclosed a bug submitted by b'ahmed_anwer_mohamed' 
b'Application error message'
28 Nov 2016 timeline
b'Coinbase' disclosed a bug submitted by b'punkrock' 
b'Window.opener bug at www.coinbase.com'
28 Nov 2016 timeline
b'Coinbase' disclosed a bug submitted by b'xorgin' 
b'Information leakage on https://docs.gdax.com'
28 Nov 2016 timeline
b'Coinbase' disclosed a bug submitted by b'kaleemgiet' 
b'ByPassing the email Validation Email on Sign up process in mobile apps'
28 Nov 2016 timeline
b'Informatica' disclosed a bug submitted by b'strukt' 
b'[kb.informatica.com] Unauthenticated emails and HTML injection in email messages'
28 Nov 2016 timeline
b'Veris' disclosed a bug submitted by b'mr_sharma_' 
b'Reflected Cross site scripting'
28 Nov 2016 timeline
b'Twitter' disclosed a bug submitted by b'bains' 
b'XSS using javascript:alert(8007)'
28 Nov 2016 timeline
b'DigitalSellz' disclosed a bug submitted by b'sameoldstory' 
b'Access to Amazon S3 bucket'
27 Nov 2016 timeline
b'DigitalSellz' disclosed a bug submitted by b'robin_linus' 
b'Public profile is vulnerable to stored XSS / Facebook Token can be stolen'
27 Nov 2016 timeline
b'DigitalSellz' disclosed a bug submitted by b'skorov' 
b'AWS Signature Disclosure in www.digitalsellz.com allows FULL access to Amazon S3'
27 Nov 2016 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'fransrosen' 
b'Subdomain takeover on partners.ubnt.com due to non-used CloudFront DNS entry'
27 Nov 2016 timeline
1 ... 625 626 627 628 629 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM