Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 64
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
GitLab disclosed a bug submitted by ooooooo_q: XSS by clicking Jira's link (08 Jun 2022)
GitLab disclosed a bug submitted by ehhthing: Gitlab Pages token theft using service workers (08 Jun 2022)
GitLab disclosed a bug submitted by joaxcar: "External status checks" can be accepted by users below developer access if the user is either author or assignee of the target merge request (08 Jun 2022)
GitLab disclosed a bug submitted by jarij: Stored XSS on issue comments and other pages which contain notes (08 Jun 2022)
Glassdoor disclosed a bug submitted by 0x7: Reflected XSS on https://www.glassdoor.com/parts/header.htm (08 Jun 2022)
Glassdoor disclosed a bug submitted by 0x7: Reflected XSS on https://help.glassdoor.com/gd_requestsubmitpage (08 Jun 2022)
Glassdoor disclosed a bug submitted by 0x7: Open redirect on https://www.glassdoor.com/profile/siwa.htm via state parameter (08 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Path traversal, to RCE (07 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Steal private objects of other projects via project import (07 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Private objects exposed through project import (07 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Path traversal in Nuget Package Registry (07 Jun 2022)
Acronis disclosed a bug submitted by ub3rsick: Store Admin Page Accessible Without Authentication at http://www.grouplogic.com/ADMIN/store/index.cfm (07 Jun 2022)
Acronis disclosed a bug submitted by ub3rsick: Stored Cross Site Scripting at http://www.grouplogic.com/ADMIN/store/index.cfm?fa=disprocode (07 Jun 2022)
Reddit disclosed a bug submitted by h1ugroon: Misconfigurated login page able to lock login action for any account without user interaction (06 Jun 2022)
Exodus disclosed a bug submitted by bismillahfortuner: 2 Cache Poisoning Attack Methods Affect Core Functionality www.exodus.com (06 Jun 2022)
U.S. General Services Administration disclosed a bug submitted by rptl: Registered users contact information disclosure on salesforce lightning endpoint https://disposal.gsa.gov (06 Jun 2022)
curl disclosed a bug submitted by nyymi: Heap overflow via HTTP/2 PUSH_PROMISE (05 Jun 2022)
curl disclosed a bug submitted by nyymi: KRB-FTP: Security level downgrade (05 Jun 2022)
Kubernetes disclosed a bug submitted by codermak: Github Account Takeover from Docs page of `kubernetes-csi.github.io` (04 Jun 2022)
Imgur disclosed a bug submitted by mr_baka: 8ybhy85kld9zp9xf84x6.imgur.com Subdomain Takeover (03 Jun 2022)
BY DENIS WERNER - @NOBBD -