Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Urban Company' disclosed a bug submitted by b't3chn0phil3' 
b'Private ip leaking through response'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Android app does not clear end to end encryption keys'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Trusted server shared secret stored unencrypted in the database'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Federated shares are not password protected'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Ransomware protection is missing extentions'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'No admin audit log for auth tokens'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'No admin audit entry for enabling/disabling 2FA'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Session fixation on public talk links'
16 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Serverinfo endpoints are not bruteforce protected nor are tokens properly generated'
16 Jun 2021 timeline
b'Sifchain' disclosed a bug submitted by b'g4urav_19' 
b'Error Page Content Spoofing or Text Injection'
15 Jun 2021 timeline
b'UPchieve' disclosed a bug submitted by b'shivanshmalik2' 
b'Clickjacking on profile page leading to unauthorized changes'
15 Jun 2021 timeline
b'TTS Bug Bounty' disclosed a bug submitted by b'kq8dq' 
b'Denial of service via cache poisoning on https://www.data.gov/'
15 Jun 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'sazouki' 
b'Reflected XSS through ClickJacking'
15 Jun 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'fiveguyslover' 
b'XML Injection / External Service Interaction (HTTP/DNS) On https://.mil'
15 Jun 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'the_boschko' 
b'Default Admin Username and Password on Server at mil'
15 Jun 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'fdeleite' 
b'Elmah.axd is publicly accessible leaking Error Log'
15 Jun 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Default Nextcloud Server and Android Client leak sharee searches to Nextcloud'
15 Jun 2021 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'XSS by MathML at Active Storage'
15 Jun 2021 timeline
b'Ruby on Rails' disclosed a bug submitted by b'komang4130' 
b'HTTP Host injection in redirect_to function'
15 Jun 2021 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'Regex Injection from request header (Rack::Sendfile, send_file)'
15 Jun 2021 timeline
1 ... 170 171 172 173 174 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM