the unofficial HackerOne disclosure timeline.

X
b'Automattic' disclosed a bug submitted by b'akshyy' 
b"Remove anyone's pic gravtar"
05 Jun 2016 timeline
b'Badoo' disclosed a bug submitted by b'esevece' 
b'Tokens from services like Facebook can be stolen'
03 Jun 2016 timeline
b'Badoo' disclosed a bug submitted by b'saeedhashem' 
b"Ability to collect users' ids that have visited a specific web page with malicious code "
03 Jun 2016 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'ebrietas' 
b'Auth bypass on directory.corp.ubnt.com'
02 Jun 2016 timeline
b'WePay' disclosed a bug submitted by b'krankopwnz' 
b'Unauthenticated Stored XSS in API Panel'
02 Jun 2016 timeline
b'Shopify' disclosed a bug submitted by b'ogig' 
b'SVG parser loads external resources on image upload'
02 Jun 2016 timeline
b'Mapbox' disclosed a bug submitted by b'dawgyg' 
b'Reflected cross-site scripting (XSS) on api.tiles.mapbox.com'
01 Jun 2016 timeline
b'Zendesk' disclosed a bug submitted by b'eboda' 
b'Stored XSS on [your_zendesk].zendesk.com in Facebook Channel'
01 Jun 2016 timeline
b'Zendesk' disclosed a bug submitted by b'albinowax' 
b'Stored XSS via Angular Expression injection on developer.zendesk.com'
01 Jun 2016 timeline
b'LocalTapiola' disclosed a bug submitted by b'reactors08' 
b'www.lahitapiola.fi DOM XSS by choosing regional company'
01 Jun 2016 timeline
b'Algolia' disclosed a bug submitted by b'bugs3ra' 
b'No rate-limit in Two factor Authentication leads to bypass using bruteforce attack'
01 Jun 2016 timeline
b'Algolia' disclosed a bug submitted by b'bugs3ra' 
b'API Key added for one Indices works for all other indices too.'
01 Jun 2016 timeline
b'Algolia' disclosed a bug submitted by b'bugs3ra' 
b'PHP version disclosed on blog.algolia.com'
01 Jun 2016 timeline
b'Algolia' disclosed a bug submitted by b'bugs3ra' 
b'User with limited access to Index configuration can rename the Index'
01 Jun 2016 timeline
b'BitHunt' disclosed a bug submitted by b'bugs3ra' 
b'No rate limit or captcha to identify humans'
01 Jun 2016 timeline
b'Zomato' disclosed a bug submitted by b'thisishrsh' 
b'Bypass OTP verification when placing Order'
01 Jun 2016 timeline
b'OpenSSL' disclosed a bug submitted by b'dadrian' 
b'Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)'
01 Jun 2016 timeline
b'OpenSSL' disclosed a bug submitted by b'dadrian' 
b'Bleichenbacher oracle in SSLv2 (CVE-2016-0704)'
01 Jun 2016 timeline
b'Mapbox' disclosed a bug submitted by b'bugs3ra' 
b'Mapbox API Access Token with No Scope Can Read Styles'
31 May 2016 timeline
b'Mapbox' disclosed a bug submitted by b'apok' 
b'Denial of service in account statistics endpoint'
31 May 2016 timeline
1 ... 672 673 674 675 676 ... 768
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM