Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 56
ooooooo_q: 50
jon_bottarini: 49
haxta4ok00: 48
Now on Twitter: the unofficial HackerOne disclosure timeline.
Node.js disclosed a bug submitted by pimterry: Undici does not use CONNECT or otherwise validate upstream HTTPS certificates when using a proxy (13 Jul 2022)
Internet Bug Bounty disclosed a bug submitted by pimterry: Undici ProxyAgent vulnerable to MITM (13 Jul 2022)
Shopify disclosed a bug submitted by comwrg: One Click XSS in [www.shopify.com] (13 Jul 2022)
Internet Bug Bounty disclosed a bug submitted by ooooooo_q: rubygems.org Batching attack to `confirmation_token` by bypass rate limit (13 Jul 2022)
Acronis disclosed a bug submitted by savik: CVE-2021-40438 on cp-eu2.acronis.com (13 Jul 2022)
Acronis disclosed a bug submitted by rhinestonecowboy: [CVE-2021-44228] nps.acronis.com is vulnerable to the recent log4shell 0-day (13 Jul 2022)
Shopify disclosed a bug submitted by codermak: Github base action takeover which is used in `github.com/Shopify/unity-buy-sdk` (12 Jul 2022)
Shopify disclosed a bug submitted by intidc: [h1-2102] HTML injection in packing slips can lead to physical theft (11 Jul 2022)
Shopify disclosed a bug submitted by intidc: [h1-2102] Stored XSS in product description via `productUpdate` GraphQL query leads to XSS at handshake-web-internal.shopifycloud.com/products/[ID] (11 Jul 2022)
Shopify disclosed a bug submitted by ramsexy: [h1-2102] Improper Access Control at https://shopify.plus/[id]/users/api in operation UpdateOrganizationUserTfaEnforcement (11 Jul 2022)
Shopify disclosed a bug submitted by fr4via: Improper deep link validation (11 Jul 2022)
Shopify disclosed a bug submitted by kun_19: Collaborators and Staff members without all necessary permissions are able to create, edit and install custom apps (11 Jul 2022)
Shopify disclosed a bug submitted by saltymermaid: Theme editor `oseid` parameter is leaked to third-party services through the `Referer` header which leads to somekind of storefront password bypass. (11 Jul 2022)
GitLab disclosed a bug submitted by sateeshn: Able to view hackerone reports attachments (11 Jul 2022)
Stripe disclosed a bug submitted by beerboy_ankit: Mass Account Takeover at https://app.taxjar.com/ - No user Interaction (11 Jul 2022)
Glovo disclosed a bug submitted by cmuppin: Getting a free delivery by singing up from "admin_@glovoapp.com" (11 Jul 2022)
Glovo disclosed a bug submitted by battle_angel: Server Side Template Injection on Name parameter during Sign Up process (11 Jul 2022)
Vanilla disclosed a bug submitted by malek: Homograph attack bypass cause redirection (10 Jul 2022)
Radancy disclosed a bug submitted by dk4trin: Blind SSRF at packagist.maximum.nl (10 Jul 2022)
Internet Bug Bounty disclosed a bug submitted by tdp3kel9g: DoS via lua_read_body() [zhbug_httpd_94] (09 Jul 2022)
BY DENIS WERNER - @NOBBD