Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'U.S. Dept Of Defense' disclosed a bug submitted by b'pwn33d' 
b'CSRF to ATO at https:///user/account [HtUS]'
06 Jan 2023 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'0x53_0x52_0x59' 
b'xss on reset password page'
06 Jan 2023 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'chef_shell' 
b'XSS via Client Side Template Injection on www./News/Speeches'
06 Jan 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'leixiao' 
b'CVE-2022-40127: RCE in Apache Airflow <2.4.0 bash example'
05 Jan 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'0b5cur17y' 
b' CVE-2022-23520: Incomplete fix for CVE-2022-32209 (XSS in Rails::Html::Sanitizer under certain configurations)'
04 Jan 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'0b5cur17y' 
b'CVE-2022-23519: Rails::Html::SafeListSanitizer vulnerable to XSS when certain tags are allowed (math+style || svg+style)'
04 Jan 2023 timeline
b'Consensys' disclosed a bug submitted by b'doosec101' 
b'CSV Injection at https://assets-paris-demo.codefi.network/'
04 Jan 2023 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'ReDoS (Rails::Html::PermitScrubber.scrub_attribute)'
02 Jan 2023 timeline
b'Tor' disclosed a bug submitted by b'soulhunter' 
b'Address Bar Spoofing on TOR Browser'
02 Jan 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'daniel_calvino_sanchez' 
b'Guests can continue to receive video streams from call after being removed from a conversation'
31 Dec 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'hackeronefour' 
b'No password length limit when creating a user as an administrator'
31 Dec 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'juliushaertl' 
b'Disabled download shares still allow download through preview images'
31 Dec 2022 timeline
b'JetBlue' disclosed a bug submitted by b'dracoludio' 
b'Dom-Based XSS on parameter ?vsid='
30 Dec 2022 timeline
b'Twitter' disclosed a bug submitted by b'jub0bs' 
b"Chained open redirects and use of Ideographic Full Stop defeat Twitter's approach to blocking links"
29 Dec 2022 timeline
b'Khan Academy' disclosed a bug submitted by b'fdeleite' 
b'S3 bucket takeover [learn2.khanacademy.org]'
29 Dec 2022 timeline
b'MTN Group' disclosed a bug submitted by b'thewikiii' 
b'Wordpress users Disclosure [ /wp-json/wp/v2/users/ ] Not Resolved () '
28 Dec 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'jrs53' 
b'Leak of sensitive values to Airflow rendered template'
27 Dec 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'spaceraccoon' 
b'SMTP Command Injection in Appointment Emails via Newlines'
27 Dec 2022 timeline
b'curl' disclosed a bug submitted by b'bagder' 
b'CVE-2022-43552: HTTP Proxy deny use-after-free'
26 Dec 2022 timeline
b'Linktree' disclosed a bug submitted by b'twelvesix' 
b'Account takeover - improper validation of jwt signature (with regards to experiation date claim)'
26 Dec 2022 timeline
1 ... 101 102 103 104 105 ... 742
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM