Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'VK.com' disclosed a bug submitted by b'azimoff' 
b'XSS .'
01 Dec 2021 timeline
b'Glassdoor' disclosed a bug submitted by b'bombon' 
b'[https://www.glassdoor.com] - Web Cache Deception Leads to gdtoken Disclosure '
30 Nov 2021 timeline
b'Acronis' disclosed a bug submitted by b'spookhorror' 
b'IDOR vulnerability (Price manipulation)'
30 Nov 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'palaziv' 
b'Unauthenticated Access to Admin Panel Functions at https:///'
29 Nov 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'palaziv' 
b'Unauthenticated Access to Admin Panel Functions at https:///'
29 Nov 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'dmonsterrr' 
b'Expired SSL Certificate allows credentials steal'
29 Nov 2021 timeline
b'MCUboot' disclosed a bug submitted by b'r0m50' 
b'private keys exposed on the GitHub repository'
27 Nov 2021 timeline
b'XVIDEOS' disclosed a bug submitted by b'sbakhour' 
b'CSRF on delete friend requests - Not protected with CSRF Token'
26 Nov 2021 timeline
b'Shopify' disclosed a bug submitted by b'fr4via' 
b'Insufficient session expiration in the **com.shopify.ping** android app'
26 Nov 2021 timeline
b'Shopify' disclosed a bug submitted by b'stapia' 
b'A non-privileged user may create an admin account in Stocky'
25 Nov 2021 timeline
b'Shopify' disclosed a bug submitted by b'youstin' 
b'Sidekiq dashboard exposed at notary.shopifycloud.com'
25 Nov 2021 timeline
b'Traffic Factory' disclosed a bug submitted by b'vavkamil' 
b'WordPress Plugin Update Confusion at trafficfactory.com'
25 Nov 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'ghost_shell' 
b'Cross-site Scripting (XSS) - Stored'
25 Nov 2021 timeline
b'DigitalOcean' disclosed a bug submitted by b'wshadow' 
b'Blind XSS via Digital Ocean Partner account creation form.'
23 Nov 2021 timeline
b'XVIDEOS' disclosed a bug submitted by b'rajput__16' 
b'No-Rate limit of current password on delete account endpoint(https://www.xvideos.com/account/close)'
23 Nov 2021 timeline
b'Shopify' disclosed a bug submitted by b'hydraxanon82' 
b'Staff who only have apps and channels permission can do a takeover account at the wholesale store (Bypass get invitation link)'
21 Nov 2021 timeline
b'A.S. Watson Group ' disclosed a bug submitted by b'sachin_kumar_' 
b'Full account takeover of any user through GET /checkout/psp/auth_response?'
21 Nov 2021 timeline
b'8x8' disclosed a bug submitted by b'plokta' 
b'[jitsi-meet] Authentication Bypass when using JWT w/ public keys'
20 Nov 2021 timeline
b'Lark Technologies' disclosed a bug submitted by b'imran_nisar' 
b'Non privileged user is able to approve his own app himself leading to mass privilege escalations.'
20 Nov 2021 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'itsecurityco' 
b'Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.50'
19 Nov 2021 timeline
1 ... 137 138 139 140 141 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM