Top10 publishers:
bobrov117 
geeknik79 
linkks75 
sp1d3rs68 
jobert64 
someonenobbd60 
jon_bottarini49 
netfuzzer48 
haxta4ok0048 
ryat47 

the unofficial HackerOne disclosure timeline.

X
curl disclosed a bug submitted by maslahhunter 
match
09 Jun 2022 timeline
Reddit disclosed a bug submitted by 3amii 
Several Subdomains Takeover
08 Jun 2022 timeline
GitLab disclosed a bug submitted by ooooooo_q 
XSS by clicking Jira's link
08 Jun 2022 timeline
GitLab disclosed a bug submitted by ehhthing 
Gitlab Pages token theft using service workers
08 Jun 2022 timeline
GitLab disclosed a bug submitted by joaxcar 
"External status checks" can be accepted by users below developer access if the user is either author or assignee of the target merge request
08 Jun 2022 timeline
GitLab disclosed a bug submitted by jarij 
Stored XSS on issue comments and other pages which contain notes
08 Jun 2022 timeline
Glassdoor disclosed a bug submitted by 0x7 
Reflected XSS on https://www.glassdoor.com/parts/header.htm
08 Jun 2022 timeline
Glassdoor disclosed a bug submitted by 0x7 
Reflected XSS on https://help.glassdoor.com/gd_requestsubmitpage
08 Jun 2022 timeline
Glassdoor disclosed a bug submitted by 0x7 
Open redirect on https://www.glassdoor.com/profile/siwa.htm via state parameter
08 Jun 2022 timeline
GitLab disclosed a bug submitted by saltyyolk 
Path traversal, to RCE
07 Jun 2022 timeline
GitLab disclosed a bug submitted by saltyyolk 
Steal private objects of other projects via project import
07 Jun 2022 timeline
GitLab disclosed a bug submitted by saltyyolk 
Private objects exposed through project import
07 Jun 2022 timeline
GitLab disclosed a bug submitted by saltyyolk 
Path traversal in Nuget Package Registry
07 Jun 2022 timeline
Acronis disclosed a bug submitted by ub3rsick 
Store Admin Page Accessible Without Authentication at http://www.grouplogic.com/ADMIN/store/index.cfm
07 Jun 2022 timeline
Acronis disclosed a bug submitted by ub3rsick 
Stored Cross Site Scripting at http://www.grouplogic.com/ADMIN/store/index.cfm?fa=disprocode
07 Jun 2022 timeline
Reddit disclosed a bug submitted by h1ugroon 
Misconfigurated login page able to lock login action for any account without user interaction
06 Jun 2022 timeline
Exodus disclosed a bug submitted by bismillahfortuner 
2 Cache Poisoning Attack Methods Affect Core Functionality www.exodus.com
06 Jun 2022 timeline
U.S. General Services Administration disclosed a bug submitted by rptl 
Registered users contact information disclosure on salesforce lightning endpoint https://disposal.gsa.gov
06 Jun 2022 timeline
curl disclosed a bug submitted by nyymi 
Heap overflow via HTTP/2 PUSH_PROMISE
05 Jun 2022 timeline
curl disclosed a bug submitted by nyymi 
KRB-FTP: Security level downgrade
05 Jun 2022 timeline
1 2 3 4 5 ... 613
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM