Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
curl disclosed a bug submitted by nyymi: CVE-2023-23915: HSTS amnesia with --parallel (15 Feb 2023)
8x8 Bounty disclosed a bug submitted by emperor: connect.8x8.com: Users with no permission can track/access restricted details/data via GET /api/v2/support/requests/<ticket number >HTTP/2 (15 Feb 2023)
8x8 Bounty disclosed a bug submitted by emperor: connect.8x8.com: admin user can send invites on behalf of another admin user via POST /api/v1/users/<User ID>/invites (15 Feb 2023)
8x8 Bounty disclosed a bug submitted by emperor: connect.8x8.com: deactivated users remain access to /api/v1/users/UUID/roles (15 Feb 2023)
8x8 Bounty disclosed a bug submitted by emperor: jaas.8x8.vc: Removed users can still have READ/WRITE access to the workspace via different API endpoints (15 Feb 2023)
8x8 Bounty disclosed a bug submitted by emperor: admin.8x8.vc: Member users with no permission can integrate email to connect calendar via GET /meet-external/spot-roomkeeper/v1/calendar/auth/init?.. (15 Feb 2023)
HackerOne disclosed a bug submitted by jobert: HTML injection that may lead to XSS on HackerOne.com through H1 Triage Wizard Chrome Extension (14 Feb 2023)
Stripe disclosed a bug submitted by d_sharad: Promotion code can be used more than redemption limit. (13 Feb 2023)
Twitter disclosed a bug submitted by eissen5c: The Deleted Polls is Still Accessable after 30 Days (13 Feb 2023)
U.S. Dept Of Defense disclosed a bug submitted by spell1: Splunk Sensitive Information Disclosure @axiellstore.usahec.org (13 Feb 2023)
HackerOne disclosed a bug submitted by syjane: HackerOne Undisclosed Report Leak via PoC of Full Disclosure on Hacktivity (10 Feb 2023)
EXNESS disclosed a bug submitted by ashwarya: Double forward slash breaks server-side restrictions & allows access to prohibited services from a partner account (10 Feb 2023)
Nextcloud disclosed a bug submitted by lukasreschke: Desktop client can be tricked into opening/executing local files when clicking a nc://open/ link (10 Feb 2023)
8x8 Bounty disclosed a bug submitted by ex0dus-0x: Jitsi Desktop Client RCE By Interacting with Malicious URL Schemes on Windows (10 Feb 2023)
Nextcloud disclosed a bug submitted by obitorasu: SSRF via filter bypass due to lax checking on IPs (10 Feb 2023)
Nextcloud disclosed a bug submitted by aditya404: No password length restriction in reset password endpoint (09 Feb 2023)
Nextcloud disclosed a bug submitted by mik-patient: Vulnerable moment-timezone version shipped (08 Feb 2023)
Nextcloud disclosed a bug submitted by mik-patient: Suspicious login app ships old league/flysystem version (08 Feb 2023)
Hyperledger disclosed a bug submitted by r3drush: Dependency confusion in https://github.com/hyperledger/aries-mobile-agent-react-native (07 Feb 2023)
Yelp disclosed a bug submitted by ilpadrino: Fraudulent claim of business. (06 Feb 2023)
BY DENIS WERNER - @NOBBD