Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'56 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Nextcloud' disclosed a bug submitted by b'michag86' 
b'user can bypass password enforcement when federated sharing is enabled'
01 Jun 2022 timeline
b'Glovo' disclosed a bug submitted by b'omarelfarsaoui' 
b'Django debug enabled showing information about system, database, configuration files'
31 May 2022 timeline
b'Phabricator' disclosed a bug submitted by b'dyls' 
b'Deprecated owners.query API bypasses object view policy'
31 May 2022 timeline
b'Adobe' disclosed a bug submitted by b'saajanbhujel' 
b'Able to bypass the fix on DOM XSS at [www.adobe.com]'
31 May 2022 timeline
b'Adobe' disclosed a bug submitted by b'saajanbhujel' 
b'DOM XSS on www.adobe.com'
31 May 2022 timeline
b'Stripe' disclosed a bug submitted by b'rodolfomarianocy' 
b'CSRF token validation system is disabled on Stripe Dashboard'
31 May 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'demonia' 
b'Improper input-size validation on the user new session name can result in server-side DDoS.'
31 May 2022 timeline
b'Vanilla' disclosed a bug submitted by b'mohit0786' 
b'BlIND XSS on https://open.vanillaforums.com'
31 May 2022 timeline
b'Acronis' disclosed a bug submitted by b'mega7' 
b'Self XSS in attachments name'
31 May 2022 timeline
b'Alohi' disclosed a bug submitted by b'darkknight4688' 
b'Users who are restricted to use the application because of a "Waiting List" are able to get access to the Beta Application by bypassing the waitlist'
30 May 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'piao' 
b'CVE-2022-28738: Double free in Regexp compilation'
28 May 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'david_h1' 
b'Control character filtering misses leading and trailing whitespace in file and folder names'
27 May 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'qj_test' 
b'Notification implicit PendingIntent in com.nextcloud.client allows to access contacts'
27 May 2022 timeline
b'Uber' disclosed a bug submitted by b'ian' 
b'Full read SSRF in flyte-poc-us-east4.uberinternal.com'
26 May 2022 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'ashutosh7' 
b'[Urgent] Critical Vulnerability [RCE] on vulnerable to Remote Code Execution by exploiting MS15-034, CVE-2015-1635'
26 May 2022 timeline
b'U.S. General Services Administration' disclosed a bug submitted by b'hollaatm3' 
b'Read Other Users Reports Through Cloning'
26 May 2022 timeline
b'HackerOne' disclosed a bug submitted by b'bugra' 
b'Blind XSS in app.pullrequest.com/ via /reviews/ratings/{uuid}'
25 May 2022 timeline
b'GitLab' disclosed a bug submitted by b'joaxcar' 
b'Stored XSS in Notes (with CSP bypass for gitlab.com)'
25 May 2022 timeline
b'Judge.me ' disclosed a bug submitted by b'caue' 
b'Email templates XSS by filterXSS bypass'
25 May 2022 timeline
b'Flickr' disclosed a bug submitted by b'ian' 
b'Critical broken cookie signing on dagobah.flickr.com '
24 May 2022 timeline
1 ... 107 108 109 110 111 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM