Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'OneWeb' disclosed a bug submitted by b'melbadry9' 
b'Subdomain Takeover - pmp.oneweb.net'
04 Nov 2021 timeline
b'Lark Technologies' disclosed a bug submitted by b'imran_nisar' 
b'Attacker is able to join any tenant on larksuite and view personal files/chats.'
03 Nov 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'andridev_' 
b'[samokat.ru] PHP modules path disclosure due to lack of error handling'
03 Nov 2021 timeline
b'Node.js' disclosed a bug submitted by b'mkg' 
b'HTTP Request Smuggling due to ignoring chunk extensions'
02 Nov 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'C# : Add query to detect Server Side Request Forgery'
02 Nov 2021 timeline
b'Flickr' disclosed a bug submitted by b'mr_robert' 
b'critical server misconfiguration lead to access to any user sensitive data which include user email and password'
02 Nov 2021 timeline
b'Mail.ru' disclosed a bug submitted by b's_kustm' 
b'[play.skillbox.ru] CRLF Injection'
30 Oct 2021 timeline
b'TikTok' disclosed a bug submitted by b'siratsami' 
b'HTML Injection on tiktoktutorials via firstName parameter'
30 Oct 2021 timeline
b'Grammarly' disclosed a bug submitted by b'evilksandr' 
b'Bypassing the Grammarly plagiarism checker by simply replacing characters in the source text'
28 Oct 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'al-madjus' 
b'AWS subdomain takeover of www.'
28 Oct 2021 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'zhenwarx' 
b'Reflected XSS at via = parameter '
28 Oct 2021 timeline
b'Agoric' disclosed a bug submitted by b'pacmanx' 
b'Dependency on private SSH keys in public github'
27 Oct 2021 timeline
b'8x8' disclosed a bug submitted by b'ian' 
b'Exposed PHP dependencies at .8x8.com'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'm0hacks' 
b'Missing rate limit in current password change settings leads to Account takeover'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'karthik86' 
b'Content Spoofing/Text Injection at https://gateway-production.dubsmash.com'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'rahulkankrale' 
b'Third party app could steal access token as well as protected files using inAppBrowser'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'yashrs' 
b'Race condition leads to Inflation of coins when bought via Google Play Store at endpoint https://oauth.reddit.com/api/v2/gold/android/verify_purchase '
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'trieulieuf9' 
b'Outsider can affect Upvote Percentage of private subreddit post by calling /api/vote API'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'moblig' 
b"Image queue default key of 'None' and GraphQL unhandled type exception"
27 Oct 2021 timeline
b'XVIDEOS' disclosed a bug submitted by b'ch1ck3n42' 
b'Script breaking tag (Forces website to render blank) (Informative)'
23 Oct 2021 timeline
1 ... 176 177 178 179 180 ... 752
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM