Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'56 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Internet Bug Bounty' disclosed a bug submitted by b'mhdawson_' 
b'Inadequate Encryption Strength in nodejs-current reads openssl.cnf from /home/iojs/build/... upon startup on MacOS'
09 Apr 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'vwx7' 
b'HTTP Request Smuggling Due to Incorrect Parsing of Header Fields'
09 Apr 2023 timeline
b'Elastic' disclosed a bug submitted by b'dee-see' 
b'Synthetics Recorder: Code injection when recording website with malicious content'
08 Apr 2023 timeline
b'ResMed' disclosed a bug submitted by b'pranav-pranayx01' 
b'[shop.resmed.com]CSRF leads to Unsubscribe victim from Communication and Reward Membership'
06 Apr 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'mikaelgundersen' 
b'CSRF protection on OIDC login is broken'
04 Apr 2023 timeline
b'Kindred Group' disclosed a bug submitted by b'sw33tlie' 
b'[www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeover'
03 Apr 2023 timeline
b'Kindred Group' disclosed a bug submitted by b'fransrosen' 
b'Full Account Takeover on *.unibet.com due to crossdomain.xml and AkamaiPlayer loaderContext'
03 Apr 2023 timeline
b'Kindred Group' disclosed a bug submitted by b'naaash' 
b'[unibet.com] Delete messages via IDOR at /mom-api/messages/unibet_@unibet/'
03 Apr 2023 timeline
b'8x8 Bounty' disclosed a bug submitted by b'bababounty99' 
b'Dangling DNS Record docs.jitsi.net (unsuccessful GSuite takeover)'
03 Apr 2023 timeline
b'Expedia Group Bug Bounty' disclosed a bug submitted by b'bombon' 
b'Cache Deception Allows Account Takeover'
01 Apr 2023 timeline
b'Expedia Group Bug Bounty' disclosed a bug submitted by b'bombon' 
b'Cache Poisoning Allows Stored XSS Via hav Cookie Parameter (To Account Takeover)'
01 Apr 2023 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'gregxsunday' 
b'[ruby]: ZipSlip/TarSlip vulnerability detection'
31 Mar 2023 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'maikypedia' 
b'[Ruby]: Server Side Template Injection'
31 Mar 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'devokta' 
b'Twitter Account hijack @nextcloudfrance'
30 Mar 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'bohwaz' 
b'the complete server installation path is visible in cloud/user endpoint'
30 Mar 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'gorei' 
b'Insecure randomness for default password in file sharing when password policy app is disabled'
30 Mar 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'rullzer' 
b'Secure view trivial to bypass'
30 Mar 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'timon8' 
b'CRLF Injection in Nodejs undici via host'
29 Mar 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'mj0nes-vsat' 
b'CVE-2023-23919: Multiple OpenSSL error handling issues in nodejs crypto library'
29 Mar 2023 timeline
b'LinkedIn' disclosed a bug submitted by b'tushar6378' 
b'Unauthorized User can View Subscribers of Other Users Newsletters'
29 Mar 2023 timeline
1 ... 65 66 67 68 69 ... 717
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM