Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Rockstar Games' disclosed a bug submitted by b'bugstar' 
b'Exposed CDN access token allows modification of all newly uploaded Snapmatic photos'
26 Jan 2024 timeline
b'Mars' disclosed a bug submitted by b'callmed0_4' 
b'Datadog api keys exposed can be used to do all the read and write access to the instance'
25 Jan 2024 timeline
b'Shopify' disclosed a bug submitted by b'ssilvass' 
b'Reflected XSS on help.shopify.com'
25 Jan 2024 timeline
b'Enjin' disclosed a bug submitted by b'tushar_rec0n' 
b'Lack of Tenant Scoping Enables Limited Cross-Tenant Data Querying and Mutation'
25 Jan 2024 timeline
b'Sony' disclosed a bug submitted by b'testingforbugs' 
b'SQL injection at '
24 Jan 2024 timeline
b'CS Money' disclosed a bug submitted by b'benjamin-mauss' 
b'Html injection on subscription email'
23 Jan 2024 timeline
b'Shopify' disclosed a bug submitted by b'callmed0_4' 
b'Staff without Manage Themes permissions can update themes'
23 Jan 2024 timeline
b'A.S. Watson Group ' disclosed a bug submitted by b'alp' 
b'PII Disclosure At `theperfumeshop.com/register/forOrder`'
23 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'cxshakal' 
b'curl HSTS long file name clears contents '
20 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'marshallofsound' 
b'ASAR Integrity bypass via filetype confusion'
20 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ranjit_p' 
b'Cookie headers are not cleared in cross-domain redirect in undici-fetch'
20 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'tniessen' 
b'Path traversal through path stored in Uint8Array in Node.js 20'
20 Jan 2024 timeline
b'Mozilla Critical Services' disclosed a bug submitted by b'0x90security' 
b'Remote code execution and exfiltration of secret tokens by poisoning the mozilla/fxa CI build cache'
20 Jan 2024 timeline
b'HackerOne' disclosed a bug submitted by b'aleklebio7' 
b'Some limited confidential information can still be accessed after a user exits a private program'
19 Jan 2024 timeline
b'Enjin' disclosed a bug submitted by b'alpernae' 
b'Weak Email Verification: Newly Registered Users Can Bypass Email Verification Step and Log In'
19 Jan 2024 timeline
b'Enjin' disclosed a bug submitted by b'alpernae' 
b'Revocation API Token by Bypassing The XSRF Token'
19 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Authentication bypass in Global Site Selector allows an attacker to log in as any user'
18 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Improper handling of request URLs in nextcloud/guests allows guest users to bypass app allowlist'
18 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Non-admin users can reset app allowlist to the default'
18 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Open redirect in user_saml via RelayState parameter'
18 Jan 2024 timeline
1 ... 73 74 75 76 77 ... 758
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM