Top10 publishers:
b'bobrov'117 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'sp1d3rs'68 
b'someonenobbd'62 
b'nyymi'55 
b'jon_bottarini'49 
b'haxta4ok00'48 
b'netfuzzer'48 

the unofficial HackerOne disclosure timeline.

X
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'[Java] CWE-759: Query to detect password hash without a salt'
12 Apr 2021 timeline
b'Stripo Inc' disclosed a bug submitted by b'0x6964696f74' 
b'Stored XSS at Module Name'
12 Apr 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'kiriknik' 
b'Blind SSRF on [relap.io]'
12 Apr 2021 timeline
b'Zivver' disclosed a bug submitted by b'irfan07' 
b'Cross-site Scripting (XSS) - Reflected'
12 Apr 2021 timeline
b'DuckDuckGo' disclosed a bug submitted by b'pmoc' 
b'Reflected/Stored XSS on duckduckgo.com'
10 Apr 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'dennisleo6' 
b'read new emails from any inbox IOS APP in notification center'
10 Apr 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'chutchut' 
b'Local SQL Injection in Content Provider (ru.mail.data.contact.ContactsProvider) of Mail.ru for Android, version 12.2.0.29734'
10 Apr 2021 timeline
b'U.S. General Services Administration' disclosed a bug submitted by b'amannnnnnnnnnnnnnn' 
b'CRLF INJECTION '
10 Apr 2021 timeline
b'Uber' disclosed a bug submitted by b'm4ll0x0k' 
b'Exposedin apk file - devbuilds.uber.com'
09 Apr 2021 timeline
b'Glassdoor' disclosed a bug submitted by b'bendtheory' 
b'XSS at https://www.glassdoor.com/Salary/* via filter.jobTitleExact'
09 Apr 2021 timeline
b'VK.com' disclosed a bug submitted by b'manaenckov' 
b'Open Redirect VKMA'
09 Apr 2021 timeline
b'VK.com' disclosed a bug submitted by b'onlymalelove' 
b' vk.com. ( , .)'
09 Apr 2021 timeline
b'Shopify' disclosed a bug submitted by b'fatal0' 
b'XSS at https://exchangemarketplace.com/blogsearch'
09 Apr 2021 timeline
b'Shopify' disclosed a bug submitted by b'g4mm4' 
b'https://themes.shopify.com::: Host header web cache poisoning lead to DoS'
08 Apr 2021 timeline
b'Shopify' disclosed a bug submitted by b'francisbeaudoin' 
b"[h1-2102] Partner's team member with no permission can retrieve services financial data"
08 Apr 2021 timeline
b'Shopify' disclosed a bug submitted by b'ramsexy' 
b"[h1-2102] [Yaworski's Broskis] Low privilege user can read POS PINs via graphql and elevate his privilege"
08 Apr 2021 timeline
b'Shopify' disclosed a bug submitted by b'luc1d' 
b'Stored XSS on apps.shopify.com'
08 Apr 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'skarsom' 
b'Sending trusted and emails through public API endpoint in site'
08 Apr 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'skarsom' 
b'RCE in subdomain via CVE-2017-1000486'
08 Apr 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'skarsom' 
b'IDOR on https:// via POST UID enables database scraping'
08 Apr 2021 timeline
1 ... 162 163 164 165 166 ... 694
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM