Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 83
linkks: 75
jobert: 70
nyymi: 62
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
Traffic Factory disclosed a bug submitted by vavkamil: WordPress Plugin Update Confusion at trafficfactory.com (25 Nov 2021)
Mail.ru disclosed a bug submitted by ghost_shell: Cross-site Scripting (XSS) - Stored (25 Nov 2021)
DigitalOcean disclosed a bug submitted by wshadow: Blind XSS via Digital Ocean Partner account creation form. (23 Nov 2021)
XVIDEOS disclosed a bug submitted by rajput__16: No-Rate limit of current password on delete account endpoint (https://www.xvideos.com/account/close) (23 Nov 2021)
Shopify disclosed a bug submitted by hydraxanon82: Staff who only have apps and channels permission can do a takeover account at the wholesale store (Bypass get invitation link) (21 Nov 2021)
A.S. Watson Group disclosed a bug submitted by sachin_kumar_: Full account takeover of any user through GET /checkout/psp/auth_response? (21 Nov 2021)
8x8 disclosed a bug submitted by plokta: [jitsi-meet] Authentication Bypass when using JWT w/ public keys (20 Nov 2021)
Lark Technologies disclosed a bug submitted by imran_nisar: Non privileged user is able to approve his own app himself leading to mass privilege escalations. (20 Nov 2021)
Internet Bug Bounty disclosed a bug submitted by itsecurityco: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.50 (19 Nov 2021)
Azbuka Vkusa disclosed a bug submitted by ronr: Reflected XSS on av.ru via `q` parameter at https://av.ru/collections/* (19 Nov 2021)
UPchieve disclosed a bug submitted by maisanisnotyours: Clickjacking at https://hackers.upchieve.org/login (19 Nov 2021)
Internet Bug Bounty disclosed a bug submitted by svalkanov: Ruby - Regular Expression Denial of Service Vulnerability of Date Parsing Methods (19 Nov 2021)
Internet Bug Bounty disclosed a bug submitted by fms: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (CVE-2021-42013) (19 Nov 2021)
Shopify disclosed a bug submitted by savik: Apache Flink Dashboard exposure at https://streaming-sales-model-production.flink.shopifykloud.com (18 Nov 2021)
Internet Bug Bounty disclosed a bug submitted by mshtawythug: The Host Authorization middleware in Action Pack is vulnerable to crafted X-Forwarded-Host values (18 Nov 2021)
Shopify disclosed a bug submitted by beerboy_ankit: Open Redirect in www.shopify.dev Environment (18 Nov 2021)
Judge.me disclosed a bug submitted by rioncool22: Stored XSS in Email Templates via link (18 Nov 2021)
GitLab disclosed a bug submitted by misha98857: Stored XSS via Mermaid Prototype Pollution vulnerability (18 Nov 2021)
TikTok disclosed a bug submitted by boynamedboy: BYPASSING COMMENTING ON RESTRICTED AUDIENCE VIDEOS (18 Nov 2021)
Rockstar Games disclosed a bug submitted by sn0wd3n: Social Club Account Takeover Via RGL And Steam/Epic Linked Account (17 Nov 2021)
BY DENIS WERNER - @NOBBD