Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'IBM' disclosed a bug submitted by b'mocr7' 
b'Insecure Object Permissions for Guest User leads to access to internal documents!'
15 Jul 2022 timeline
b'LinkedIn' disclosed a bug submitted by b'raajeevrathnam' 
b'Add me email address Authentication bypass'
15 Jul 2022 timeline
b'MTN Group' disclosed a bug submitted by b'shuvam321' 
b'POST BASED REFLECTED XSS IN dailydeals.mtn.co.za'
15 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'inhibitor181' 
b'[h1-2102] shopApps query from the graphql at /users/api returns all existing created apps, including private ones'
15 Jul 2022 timeline
b'GitLab' disclosed a bug submitted by b'xanbanx' 
b'Stored XSS for Grafana dashboard URL'
13 Jul 2022 timeline
b'Node.js' disclosed a bug submitted by b'pimterry' 
b'Undici does not use CONNECT or otherwise validate upstream HTTPS certificates when using a proxy'
13 Jul 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'pimterry' 
b'Undici ProxyAgent vulnerable to MITM '
13 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'comwrg' 
b'One Click XSS in [www.shopify.com]'
13 Jul 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ooooooo_q' 
b'rubygems.org Batching attack to `confirmation_token` by bypass rate limit'
13 Jul 2022 timeline
b'Acronis' disclosed a bug submitted by b'savik' 
b'CVE-2021-40438 on cp-eu2.acronis.com'
13 Jul 2022 timeline
b'Acronis' disclosed a bug submitted by b'rhinestonecowboy' 
b'[CVE-2021-44228] nps.acronis.com is vulnerable to the recent log4shell 0-day'
13 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'codermak' 
b'Github base action takeover which is used in `github.com/Shopify/unity-buy-sdk`'
12 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'intidc' 
b'[h1-2102] HTML injection in packing slips can lead to physical theft'
11 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'intidc' 
b'[h1-2102] Stored XSS in product description via `productUpdate` GraphQL query leads to XSS at handshake-web-internal.shopifycloud.com/products/[ID]'
11 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'ramsexy' 
b'[h1-2102] Improper Access Control at https://shopify.plus/[id]/users/api in operation UpdateOrganizationUserTfaEnforcement'
11 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'fr4via' 
b'Improper deep link validation '
11 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'kun_19' 
b'Collaborators and Staff members without all necessary permissions are able to create, edit and install custom apps'
11 Jul 2022 timeline
b'Shopify' disclosed a bug submitted by b'saltymermaid' 
b'Theme editor `oseid` parameter is leaked to third-party services through the `Referer` header which leads to somekind of storefront password bypass.'
11 Jul 2022 timeline
b'GitLab' disclosed a bug submitted by b'sateeshn' 
b'Able to view hackerone reports attachments'
11 Jul 2022 timeline
b'Stripe' disclosed a bug submitted by b'beerboy_ankit' 
b'Mass Account Takeover at https://app.taxjar.com/ - No user Interaction'
11 Jul 2022 timeline
1 ... 112 113 114 115 116 ... 730
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM