Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Internet Bug Bounty' disclosed a bug submitted by b'happyhacking123' 
b'CVE-2022-35948: CRLF Injection in Nodejs undici via Content-Type'
23 Sep 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'happyhacking123' 
b'CVE-2022-38362: Apache Airflow Docker Provider <3.0 RCE vulnerability in example dag'
23 Sep 2022 timeline
b'Basecamp' disclosed a bug submitted by b'fr4via' 
b'com.basecamp.bc3 Webview Javascript Injection and JS bridge takeover'
23 Sep 2022 timeline
b'Reddit' disclosed a bug submitted by b'lu3ky-13' 
b'Open Redirect on www.redditinc.com via `failed` query param'
22 Sep 2022 timeline
b'GitLab' disclosed a bug submitted by b'joaxcar' 
b'Content injection in Jira issue title enabling sending arbitrary POST request as victim'
22 Sep 2022 timeline
b'GitLab' disclosed a bug submitted by b'joaxcar' 
b'Unauthenticated IP allowlist bypass when accessing job artifacts through gitlab pages at `{group_id}.gitlab.io`'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'getUsersOfRoom discloses users in private channels'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'mikolajczak' 
b'Rocket.chat user info security issue'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'Message ID Enumeration with Regular Expression in getReadReceipts Meteor method'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'API route chat.getThreadsList leaks private message content'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'NoSQL-Injection discloses S3 File Upload URLs'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'getRoomRoles Method leaks Channel Owner'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'TOTP 2 Factor Authentication Bypass'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'Message ID Enumeration with Action Link Handler'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'paulocsanz' 
b'REST API gets `query` as parameter and executes it'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'rolfzur' 
b'Unintended information disclosure in the Hubot Log files'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'dago_669' 
b'Bypass local authentication (PIN code)'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'gronke' 
b'getUserMentionsByChannel leaks messages with mention from private channel'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'garretby' 
b'It is possible to elevate privileges for any authenticated user to view permissions matrix and view Direct messages without appropriate permissions.'
22 Sep 2022 timeline
b'Rocket.Chat' disclosed a bug submitted by b'danieljpp' 
b'Persistent CSS injection with marked markdown parser in Rocket.Chat'
22 Sep 2022 timeline
1 ... 131 132 133 134 135 ... 759
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM