Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'C# : Add query to detect Server Side Request Forgery'
02 Nov 2021 timeline
b'Flickr' disclosed a bug submitted by b'mr_robert' 
b'critical server misconfiguration lead to access to any user sensitive data which include user email and password'
02 Nov 2021 timeline
b'Mail.ru' disclosed a bug submitted by b's_kustm' 
b'[play.skillbox.ru] CRLF Injection'
30 Oct 2021 timeline
b'TikTok' disclosed a bug submitted by b'siratsami' 
b'HTML Injection on tiktoktutorials via firstName parameter'
30 Oct 2021 timeline
b'Grammarly' disclosed a bug submitted by b'evilksandr' 
b'Bypassing the Grammarly plagiarism checker by simply replacing characters in the source text'
28 Oct 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'al-madjus' 
b'AWS subdomain takeover of www.'
28 Oct 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'zhenwarx' 
b'Reflected XSS at via = parameter '
28 Oct 2021 timeline
b'Agoric' disclosed a bug submitted by b'pacmanx' 
b'Dependency on private SSH keys in public github'
27 Oct 2021 timeline
b'8x8' disclosed a bug submitted by b'ian' 
b'Exposed PHP dependencies at .8x8.com'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'm0hacks' 
b'Missing rate limit in current password change settings leads to Account takeover'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'karthik86' 
b'Content Spoofing/Text Injection at https://gateway-production.dubsmash.com'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'rahulkankrale' 
b'Third party app could steal access token as well as protected files using inAppBrowser'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'yashrs' 
b'Race condition leads to Inflation of coins when bought via Google Play Store at endpoint https://oauth.reddit.com/api/v2/gold/android/verify_purchase '
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'trieulieuf9' 
b'Outsider can affect Upvote Percentage of private subreddit post by calling /api/vote API'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'moblig' 
b"Image queue default key of 'None' and GraphQL unhandled type exception"
27 Oct 2021 timeline
b'XVIDEOS' disclosed a bug submitted by b'ch1ck3n42' 
b'Script breaking tag (Forces website to render blank) (Informative)'
23 Oct 2021 timeline
b'TikTok' disclosed a bug submitted by b'arifmkhls' 
b'XSS on tiktok.com'
23 Oct 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'jessforfun' 
b'[Java] CWE-552: Unsafe url forward'
22 Oct 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'[cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics'
22 Oct 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'jessforfun' 
b'[Python]: CWE-117 Log Injection '
22 Oct 2021 timeline
1 ... 142 143 144 145 146 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM