Top 10 publishers:
bobrov (117)
sp1d3rs (86)
geeknik (80)
linkks (75)
jobert (70)
someonenobbd (62)
nyymi (56)
ooooooo_q (50)
jon_bottarini (49)
haxta4ok00 (48)
Now on Twitter: the unofficial HackerOne disclosure timeline.
Urban Company disclosed a bug submitted by musashi42: Host header injection that bypassed protection and allowed accessing multiple subdomains (21 Dec 2022)
curl disclosed a bug submitted by kurohiro: CVE-2022-43551: Another HSTS bypass via IDN (21 Dec 2022)
Stripe disclosed a bug submitted by mr_asg: Unauthorized Canceling/Unsubscribe TaxJar account & Payment information DIsclosure (20 Dec 2022)
Stripe disclosed a bug submitted by mr_asg: [Broken Access Control ] Unauthorized Linking accounts & Linked Accounts info DIsclosure (20 Dec 2022)
Nextcloud disclosed a bug submitted by errorx404: Missing length validation of user displayname allows to generate an SQL error (20 Dec 2022)
Nextcloud disclosed a bug submitted by lauritz: [user_oidc] Stored XSS via Authorization Endpoint - Safari-Only (18 Dec 2022)
Nextcloud disclosed a bug submitted by lauritz: [user_oidc] Unencrypted Communications (18 Dec 2022)
Khan Academy disclosed a bug submitted by shuvam321: Email Verification Bypass Allows Users to Add & verify Any Email As Guardians Email (17 Dec 2022)
Sony disclosed a bug submitted by n0x496n: LFI at http://www. (16 Dec 2022)
Consensys disclosed a bug submitted by krrish_hackk: Sub-Domain Takeover at http://www.codefi.consensys.net/ (16 Dec 2022)
Automattic disclosed a bug submitted by aaroncarson: Akismet API keys are exposed by authentication method (16 Dec 2022)
Nextcloud disclosed a bug submitted by 0x3bdo: Exposed Log File Lead to Full Internal path disclosure at [https://nextcloud.com/wp-content/debug.log] (15 Dec 2022)
MTN Group disclosed a bug submitted by jimmisimon: Firebase credentials leak (15 Dec 2022)
Nintendo disclosed a bug submitted by rambo6glaz: [MK8DX] Improper verification of Competition creation allows to create "Official" competitions (15 Dec 2022)
Internet Bug Bounty disclosed a bug submitted by ooooooo_q: ReDoS (Rails::Html::PermitScrubber.scrub_attribute) (14 Dec 2022)
Ruby on Rails disclosed a bug submitted by 0b5cur17y: Rails::Html::SafeListSanitizer vulnerable to XSS when certain tags are allowed (math+style || svg+style) (14 Dec 2022)
Ruby on Rails disclosed a bug submitted by 0b5cur17y: Incomplete fix for CVE-2022-32209 (XSS in Rails::Html::Sanitizer under certain configurations) (14 Dec 2022)
Internet Bug Bounty disclosed a bug submitted by theinternetofdefcon_: Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable (14 Dec 2022)
Ruby disclosed a bug submitted by djspinmonkey: Attacker can smuggle a malicious domain in a URI object. (13 Dec 2022)
GitHub disclosed a bug submitted by legit-security: DoS via markdown API from unauthenticated user (13 Dec 2022)
BY DENIS WERNER - @NOBBD