Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'56 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Cloudflare Public Bug Bounty' disclosed a bug submitted by b'bombon' 
b'Bypassing Cache Deception Armor using .avif extension file'
27 Jun 2022 timeline
b'Cloudflare Public Bug Bounty' disclosed a bug submitted by b'mattipv4' 
b'Sign in with Apple generates long-life JWTs, seemingly irrevocable, that grant immediate access to accounts'
27 Jun 2022 timeline
b'Cloudflare Public Bug Bounty' disclosed a bug submitted by b'mattipv4' 
b'Sign in with Apple works on existing accounts, bypasses 2FA'
27 Jun 2022 timeline
b'Cloudflare Public Bug Bounty' disclosed a bug submitted by b'sainaen' 
b'API docs expose an active token for the sample domain theburritobot.com'
27 Jun 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'windshock' 
b'Rails::Html::SafeListSanitizer vulnerable to xss attack in an environment that allows the style tag'
27 Jun 2022 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'CVE-2022-32205: Set-Cookie denial of service'
27 Jun 2022 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'CVE-2022-32206: HTTP compression denial of service'
27 Jun 2022 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'CVE-2022-32207: Unpreserved file permissions'
27 Jun 2022 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'CVE-2022-32208: FTP-KRB bad message verification'
27 Jun 2022 timeline
b'curl' disclosed a bug submitted by b'chen172' 
b'Credential leak when use two url'
27 Jun 2022 timeline
b'Phabricator' disclosed a bug submitted by b'foobar7' 
b'User can link non-public file attachments, leading to file disclose on edit by higher-privileged user'
26 Jun 2022 timeline
b'GitLab' disclosed a bug submitted by b'thypon' 
b'Bypass for Domain-level redirects (Unvalidated Redirects and Forwar)'
22 Jun 2022 timeline
b'Reddit' disclosed a bug submitted by b'bisesh' 
b'Able to approve admin approval and change effective status without adding payment details . '
22 Jun 2022 timeline
b'Alohi' disclosed a bug submitted by b'zeesozee' 
b'Weak rate limit for SIGN.PLUS email verification'
21 Jun 2022 timeline
b'Krisp' disclosed a bug submitted by b'yassineaboukir' 
b'Authentication CSRF resulting in unauthorized account access on Krisp app'
20 Jun 2022 timeline
b'Krisp' disclosed a bug submitted by b'life__001' 
b'Add more seats by paying less via PUT /v2/seats request manipulation'
20 Jun 2022 timeline
b'UPS VDP' disclosed a bug submitted by b'7odamo' 
b'Admin Authentication Bypass Lead to Admin Account Takeover '
20 Jun 2022 timeline
b'Enjin' disclosed a bug submitted by b'whiteshadow201' 
b'Authentication token and CSRF token bypass'
19 Jun 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'michag86' 
b'bypass forced password protection via circles app'
19 Jun 2022 timeline
b'UPS VDP' disclosed a bug submitted by b'nayefhamouda' 
b'Broken access control '
18 Jun 2022 timeline
1 ... 103 104 105 106 107 ... 717
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM