Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'65 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Shopify' disclosed a bug submitted by b'hogarth45' 
b'[h1-2102] Break permissions waterfall'
12 Feb 2022 timeline
b'Twitter' disclosed a bug submitted by b'iambouali' 
b"Blind XSS on Twitter's internal Jira panel at allows exfiltration of hackers reports and other sensitive data"
12 Feb 2022 timeline
b'Twitter' disclosed a bug submitted by b'zhirinovskiy' 
b'Discoverability by phone number/email restriction bypass'
11 Feb 2022 timeline
b'FetLife' disclosed a bug submitted by b'trieulieuf9' 
b'Able to detect if a user is FetLife supporter although this user hides their support badge in fetlife.com/conversations/{id} JSON response'
11 Feb 2022 timeline
b'Nextcloud' disclosed a bug submitted by b'technorat' 
b'Information Exposure Through Directory Listing vulnerability'
11 Feb 2022 timeline
b'Shopify' disclosed a bug submitted by b'francisbeaudoin' 
b'[h1-2102] Information disclosure - ShopifyPlus add user displays existing Shopify ID fullname'
10 Feb 2022 timeline
b'Shopify' disclosed a bug submitted by b'danishalkatiri' 
b'Bypass For #997350 your-store.myshopify.com preview link is leak on third party website Via Online Store'
10 Feb 2022 timeline
b'Shopify' disclosed a bug submitted by b'danishalkatiri' 
b'Password reset token leak via "Host header" on third party website'
10 Feb 2022 timeline
b'Shopify' disclosed a bug submitted by b'scaramouche31' 
b'Orders full read for a staff with only `Customers` permissions.'
10 Feb 2022 timeline
b'Semrush' disclosed a bug submitted by b'a_d_a_m' 
b'Critically Sensitive Spring Boot Endpoints Exposed'
10 Feb 2022 timeline
b'GitLab' disclosed a bug submitted by b'iwis' 
b'Sending Arbitrary Requests through Jupyter Notebooks on gitlab.com and Self-Hosted GitLab Instances'
10 Feb 2022 timeline
b'GitLab' disclosed a bug submitted by b'jafarakhondali' 
b'Installing Gitlab runner with Docker-In-Docker allows root access'
10 Feb 2022 timeline
b'Node.js' disclosed a bug submitted by b'bengl' 
b'Node.js Certificate Verification Bypass via String Injection'
10 Feb 2022 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'Is the Google Bucket Meant To Be Publicly Listable? https://cdn.shopify.com/shop-assets/'
09 Feb 2022 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'staffOrderNotificationSubscriptionDelete Could Be Used By Staff Member With Settings Permission'
09 Feb 2022 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'staffOrderNotificationSubscriptionCreate Is Not Blocked Entirely From Staff Member With Settings Permission'
09 Feb 2022 timeline
b'Zomato' disclosed a bug submitted by b'0xdexter' 
b'Race condition in User comments Likes'
09 Feb 2022 timeline
b'TikTok' disclosed a bug submitted by b'imran_nisar' 
b'Reflected xss on ads.tiktok.com using `from` parameter.'
09 Feb 2022 timeline
b'Acronis' disclosed a bug submitted by b'quadrant' 
b'Cross-site Scripting (XSS) - Stored | forum.acronis.com'
08 Feb 2022 timeline
b'Acronis' disclosed a bug submitted by b'h4x0r_dz' 
b'Stored Cross-site Scripting on devicelock.com/forum/'
08 Feb 2022 timeline
1 ... 153 154 155 156 157 ... 746
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM