Top10 publishers:
bobrov 117
sp1d3rs 86
geeknik 83
linkks 75
jobert 70
nyymi 62
someonenobbd 62
ooooooo_q 54
guido 50
haxta4ok00 49
The unofficial HackerOne disclosure timeline.
14 Feb 2022 - U.S. Dept Of Defense disclosed a bug submitted by pirateducky: default creds on https://
14 Feb 2022 - U.S. Dept Of Defense disclosed a bug submitted by takester: Unauthorized access to PII leads to MASS account Takeover
14 Feb 2022 - U.S. Dept Of Defense disclosed a bug submitted by iam_a_jinchuriki: RXSS ON https://
14 Feb 2022 - U.S. Dept Of Defense disclosed a bug submitted by ghostxsec: [CVE-2020-3452] Unauthenticated file read in Cisco ASA
13 Feb 2022 - UPchieve disclosed a bug submitted by zeyu2001: Widespread CSRF on authenticated POST endpoints
12 Feb 2022 - Shopify disclosed a bug submitted by hogarth45: [h1-2102] Break permissions waterfall
12 Feb 2022 - Twitter disclosed a bug submitted by iambouali: Blind XSS on Twitter's internal Jira panel at allows exfiltration of hackers reports and other sensitive data
11 Feb 2022 - Twitter disclosed a bug submitted by zhirinovskiy: Discoverability by phone number/email restriction bypass
11 Feb 2022 - FetLife disclosed a bug submitted by trieulieuf9: Able to detect if a user is FetLife supporter although this user hides their support badge in fetlife.com/conversations/{id} JSON response
11 Feb 2022 - Nextcloud disclosed a bug submitted by technorat: Information Exposure Through Directory Listing vulnerability
10 Feb 2022 - Shopify disclosed a bug submitted by francisbeaudoin: [h1-2102] Information disclosure - ShopifyPlus add user displays existing Shopify ID fullname
10 Feb 2022 - Shopify disclosed a bug submitted by danishalkatiri: Bypass For #997350 your-store.myshopify.com preview link is leak on third party website Via Online Store
10 Feb 2022 - Shopify disclosed a bug submitted by danishalkatiri: Password reset token leak via "Host header" on third party website
10 Feb 2022 - Shopify disclosed a bug submitted by scaramouche31: Orders full read for a staff with only `Customers` permissions.
10 Feb 2022 - Semrush disclosed a bug submitted by a_d_a_m: Critically Sensitive Spring Boot Endpoints Exposed
10 Feb 2022 - GitLab disclosed a bug submitted by iwis: Sending Arbitrary Requests through Jupyter Notebooks on gitlab.com and Self-Hosted GitLab Instances
10 Feb 2022 - GitLab disclosed a bug submitted by jafarakhondali: Installing Gitlab runner with Docker-In-Docker allows root access
10 Feb 2022 - Node.js disclosed a bug submitted by bengl: Node.js Certificate Verification Bypass via String Injection
09 Feb 2022 - Shopify disclosed a bug submitted by ngalog: Is the Google Bucket Meant To Be Publicly Listable? https://cdn.shopify.com/shop-assets/
09 Feb 2022 - Shopify disclosed a bug submitted by ngalog: staffOrderNotificationSubscriptionDelete Could Be Used By Staff Member With Settings Permission
BY DENIS WERNER - @NOBBD