Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Stripe' disclosed a bug submitted by b'mustafa_farrag' 
b'Tomcat Servlet Examples accessible at https://44.240.33.83:38443 and https://52.36.56.155:38443'
19 Oct 2022 timeline
b'Stripe' disclosed a bug submitted by b'mr_asg' 
b'Fully TaxJar account control and ability to disclose and modify business account settings Due to Broken Access Control in /current_user_data'
19 Oct 2022 timeline
b'Automattic' disclosed a bug submitted by b'ug0x01' 
b'IDOR able to buy a plan with lesser fee'
19 Oct 2022 timeline
b'Adobe' disclosed a bug submitted by b'dreamer_eh' 
b'DOM XSS at `https://adobedocs.github.io/OAE_PartnerAPI/?configUrl={site}` due to outdated Swagger UI'
19 Oct 2022 timeline
b'Lark Technologies' disclosed a bug submitted by b'imran_nisar' 
b'Users Without Permission Can Download Restricted Files'
18 Oct 2022 timeline
b'Lark Technologies' disclosed a bug submitted by b'imran_nisar' 
b"Sub-Dept User Can Add User's To Main Department."
18 Oct 2022 timeline
b'Lark Technologies' disclosed a bug submitted by b'imran_nisar' 
b"Access to private file's of helpdesk."
18 Oct 2022 timeline
b'TikTok' disclosed a bug submitted by b'f15' 
b'TikTok Account Creation Date Information Disclosure '
18 Oct 2022 timeline
b'Hyperledger' disclosed a bug submitted by b'mik-patient' 
b'CVE-2017-5929: Hyperledger - Arbitrary Deserialization of Untrusted Data '
18 Oct 2022 timeline
b'Shopify' disclosed a bug submitted by b'noblesix' 
b'XSS in www.shopify.com/markets?utm_source='
18 Oct 2022 timeline
b'MTN Group' disclosed a bug submitted by b'mr_sparrow' 
b'Otp bypass in verifying nin'
17 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'0x1int' 
b'Host Header Injection on https:////Account/ForgotPassword'
14 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'0xd0ff9' 
b'Unauthenticated SQL Injection at [HtUS]'
14 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'sudi' 
b'.git folder exposed [HtUS]'
14 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'shreky' 
b'Unauthenticated PII leak on verified/requested to be verified profiles on /app/org/{id}/profile/{id}/version/{id} [HtUS]'
14 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'ludv1k' 
b'Authentication bypass leads to Information Disclosure at U.S Air Force "https://"'
14 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'720922' 
b'SSRF to read AWS metaData at https:/// [HtUS]'
14 Oct 2022 timeline
b'8x8' disclosed a bug submitted by b'testingforbugs' 
b'Subdomain Takeover at http://.get8x8.com/'
14 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'ibrahim0936356' 
b"Found Origin IP's Lead To Access "
14 Oct 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'g4mb4' 
b'Broken access discloses users and PII at https:// [HtUS]'
14 Oct 2022 timeline
1 ... 98 99 100 101 102 ... 730
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM