Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 64
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
Nextcloud disclosed a bug submitted by tobiaskaminsky: nextcloudcmd incorrectly trusts bad TLS certificates (25 Dec 2022)
Nextcloud disclosed a bug submitted by andyscherzinger: Talk Android broadcast receiver is not protected by broadcastPermission allowing malicious apps to communicate (25 Dec 2022)
MTN Group disclosed a bug submitted by coyemerald: Developer Mistake (25 Dec 2022)
MTN Group disclosed a bug submitted by coyemerald: Exposure Of Admin Username & Password (25 Dec 2022)
MTN Group disclosed a bug submitted by netboy: Information Disclosure Leads To User Data Leak (24 Dec 2022)
Acronis disclosed a bug submitted by melar_dev: mysql credentials exposed on - https://cz.acronis.com/docker-compose.yml (24 Dec 2022)
Omise disclosed a bug submitted by sim4n6: Secret API Key is logged in cleartext (23 Dec 2022)
Khan Academy disclosed a bug submitted by moom825: xss due to incorrect handling of postmessages (23 Dec 2022)
GitHub disclosed a bug submitted by ali_shehab: Managing Pages (22 Dec 2022)
Stripe disclosed a bug submitted by akashhamal0x01: Mass account takeover! (21 Dec 2022)
Quantopian disclosed a bug submitted by irisrumtub: Stored cross-site scripting in dataset owner. (21 Dec 2022)
Quantopian disclosed a bug submitted by irisrumtub: Ability to perform various POST requests on quantopian.com as a different user - insecure by design. (21 Dec 2022)
Quantopian disclosed a bug submitted by irisrumtub: Cross-site scripting via hardcoded front-end watched expression. (21 Dec 2022)
Quantopian disclosed a bug submitted by irisrumtub: Cross-site scripting on algorithm collaborator (21 Dec 2022)
Urban Company disclosed a bug submitted by musashi42: Host header injection that bypassed protection and allowed accessing multiple subdomains (21 Dec 2022)
curl disclosed a bug submitted by kurohiro: CVE-2022-43551: Another HSTS bypass via IDN (21 Dec 2022)
Stripe disclosed a bug submitted by mr_asg: Unauthorized Canceling/Unsubscribe TaxJar account & Payment information Disclosure (20 Dec 2022)
Stripe disclosed a bug submitted by mr_asg: [Broken Access Control] Unauthorized Linking accounts & Linked Accounts info Disclosure (20 Dec 2022)
Nextcloud disclosed a bug submitted by errorx404: Missing length validation of user displayname allows to generate an SQL error (20 Dec 2022)
Nextcloud disclosed a bug submitted by lauritz: [user_oidc] Stored XSS via Authorization Endpoint - Safari-Only (18 Dec 2022)
BY DENIS WERNER - @NOBBD -