the unofficial HackerOne disclosure timeline.

X
b'Veris' disclosed a bug submitted by b'itly' 
b'Critical IDOR - Get venue data of any organization remotely'
12 Jun 2016 timeline
b'Uber' disclosed a bug submitted by b'r0t1v' 
b'Enumerating userIDs with phone numbers'
11 Jun 2016 timeline
b'Moneybird' disclosed a bug submitted by b'krankopwnz' 
b'Reflected XSS in Backend search'
11 Jun 2016 timeline
b'Sucuri' disclosed a bug submitted by b'jackds' 
b'CRLF/HTTP header injection www.sucuri.net'
10 Jun 2016 timeline
b'Badoo' disclosed a bug submitted by b'nikitchenko' 
b'????????? ????????? ???????? ???????????'
09 Jun 2016 timeline
b'Binary.com' disclosed a bug submitted by b'ameer0x0a' 
b'CJ vulnerability in subdomain'
09 Jun 2016 timeline
b'Trello' disclosed a bug submitted by b'thezawad' 
b'XSS in Jetpack plugin'
08 Jun 2016 timeline
b'LocalTapiola' disclosed a bug submitted by b'billy_blaze' 
b'Possibly big authorization problem in L\xc3\xa4hitapiola\xc2\xb4s varainhoito'
08 Jun 2016 timeline
b'Veris' disclosed a bug submitted by b'footstep' 
b'Unauthenticated CSRF(User can input any value for CSRF Token)'
08 Jun 2016 timeline
b'Phabricator' disclosed a bug submitted by b'fnqgpc' 
b'Full path disclosure'
08 Jun 2016 timeline
b'HackerOne' disclosed a bug submitted by b'c666a323be94d57' 
b'RCE in profile picture upload'
08 Jun 2016 timeline
b'Coinbase' disclosed a bug submitted by b'anik' 
b'Transaction Pending Via Ip Change '
07 Jun 2016 timeline
b'Uber' disclosed a bug submitted by b'err' 
b'Password Reset Does Not Confirm the Existence of an Email Address'
07 Jun 2016 timeline
b'New Relic' disclosed a bug submitted by b'the_joker' 
b'Session takeover'
06 Jun 2016 timeline
b'QIWI' disclosed a bug submitted by b'ngaurav' 
b'SSL Certificate on qiwi.com will expire soon.'
06 Jun 2016 timeline
b'Uber' disclosed a bug submitted by b'jouko' 
b'Compromising Atlassian Confluence (team.uberinternal.com) via WordPress (newsroom.uber.com)'
06 Jun 2016 timeline
b'Uber' disclosed a bug submitted by b'jouko' 
b'OneLogin authentication bypass on WordPress sites'
06 Jun 2016 timeline
b'Automattic' disclosed a bug submitted by b'akshyy' 
b"Remove anyone's pic gravtar"
05 Jun 2016 timeline
b'Badoo' disclosed a bug submitted by b'esevece' 
b'Tokens from services like Facebook can be stolen'
03 Jun 2016 timeline
b'Badoo' disclosed a bug submitted by b'saeedhashem' 
b"Ability to collect users' ids that have visited a specific web page with malicious code "
03 Jun 2016 timeline
1 ... 669 670 671 672 673 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM