Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 64
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
Lark Technologies disclosed a bug submitted by imran_nisar: Ability to View Non-Permitted Admin Log (20 Oct 2022)
Lark Technologies disclosed a bug submitted by imran_nisar: [CSRF] No Csrf protection against sending invitation to join the team. (20 Oct 2022)
Stripe disclosed a bug submitted by mr_asg: Mass Accounts Takeover Without any user Interaction at https://app.taxjar.com/ (19 Oct 2022)
Stripe disclosed a bug submitted by gregxsunday: Local applications from user's computer can listen for webhooks via insecure gRPC server from stripe-cli (19 Oct 2022)
U.S. General Services Administration disclosed a bug submitted by toormund: User information disclosed via API (19 Oct 2022)
Stripe disclosed a bug submitted by sim4n6: Bypassing domain deny_list rule in Smokescreen via double brackets [[]] which leads to SSRF (19 Oct 2022)
Stripe disclosed a bug submitted by mustafa_farrag: Tomcat Servlet Examples accessible at https://44.240.33.83:38443 and https://52.36.56.155:38443 (19 Oct 2022)
Stripe disclosed a bug submitted by mr_asg: Fully TaxJar account control and ability to disclose and modify business account settings Due to Broken Access Control in /current_user_data (19 Oct 2022)
Automattic disclosed a bug submitted by ug0x01: IDOR able to buy a plan with lesser fee (19 Oct 2022)
Adobe disclosed a bug submitted by dreamer_eh: DOM XSS at `https://adobedocs.github.io/OAE_PartnerAPI/?configUrl={site}` due to outdated Swagger UI (19 Oct 2022)
Lark Technologies disclosed a bug submitted by imran_nisar: Users Without Permission Can Download Restricted Files (18 Oct 2022)
Lark Technologies disclosed a bug submitted by imran_nisar: Sub-Dept User Can Add User's To Main Department. (18 Oct 2022)
Lark Technologies disclosed a bug submitted by imran_nisar: Access to private file's of helpdesk. (18 Oct 2022)
TikTok disclosed a bug submitted by f15: TikTok Account Creation Date Information Disclosure (18 Oct 2022)
Hyperledger disclosed a bug submitted by mik-patient: CVE-2017-5929: Hyperledger - Arbitrary Deserialization of Untrusted Data (18 Oct 2022)
Shopify disclosed a bug submitted by noblesix: XSS in www.shopify.com/markets?utm_source= (18 Oct 2022)
MTN Group disclosed a bug submitted by mr_sparrow: Otp bypass in verifying nin (17 Oct 2022)
U.S. Dept Of Defense disclosed a bug submitted by 0x1int: Host Header Injection on https:////Account/ForgotPassword (14 Oct 2022)
U.S. Dept Of Defense disclosed a bug submitted by 0xd0ff9: Unauthenticated SQL Injection at [HtUS] (14 Oct 2022)
U.S. Dept Of Defense disclosed a bug submitted by sudi: .git folder exposed [HtUS] (14 Oct 2022)
BY DENIS WERNER - @NOBBD