Top10 publishers:
bobrov60 
isox36 
4lemon34 
zombiehelp5430 Twitter
ston327 
smiegles27 Twitter
shahmeer_amir26 
jobert26 
haquaman26 
guido26 Twitter

the unofficial HackerOne disclosure timeline.

X
Mapbox disclosed a bug submitted by apapedulimu 
Node modules path disclosure due to lack of error handling
11 Jul 2017 timeline
Apache httpd (IBB) disclosed a bug submitted by regilero 
Apache HTTP Request Parsing Whitespace Defects
11 Jul 2017 timeline
Mail.Ru disclosed a bug submitted by lincoln9932 
XSS ? ?????????? ?????????
11 Jul 2017 timeline
Mail.Ru disclosed a bug submitted by haxta4ok00 
By pass admin panel [conference.mail.ru]
11 Jul 2017 timeline
Mail.Ru disclosed a bug submitted by haxta4ok00 
By pass admin panel [seminars.mail.ru]
11 Jul 2017 timeline
Mail.Ru disclosed a bug submitted by haxta4ok00 
Admin panel access restrictions bypass [poll.mail.ru/admin/]
11 Jul 2017 timeline
Gratipay disclosed a bug submitted by khanshaheb 
SQL TEST
11 Jul 2017 timeline
Twitter disclosed a bug submitted by r3ligious-hunt3r 
Vine all registered user Private/sensitive information disclosure .[ Ip address/phone no/email and many other informations ]
11 Jul 2017 timeline
Trello disclosed a bug submitted by csanuragjain 
Malicious file can be hidden as Card Attachment or Card Cover image
10 Jul 2017 timeline
Pornhub disclosed a bug submitted by ilsani 
Reflected XSS on ht.pornhub.com - /export/GetPreview
10 Jul 2017 timeline
Pornhub disclosed a bug submitted by ramsexy 
http://ht.pornhub.com/ stored XSS in widget stylesheet
10 Jul 2017 timeline
Yelp disclosed a bug submitted by edio 
Firefly's verify_access_token() function does a byte-by-byte comparison of HMAC values.
10 Jul 2017 timeline
Pornhub disclosed a bug submitted by kenziy 
pornhub.com/user/welcome/basicinfo nickname field is vulnerable on xss
10 Jul 2017 timeline
WakaTime disclosed a bug submitted by abhiram 
by pass rate limit exceed
10 Jul 2017 timeline
Gratipay disclosed a bug submitted by karthic 
Usernames ending in .json are not restricted
10 Jul 2017 timeline
Gratipay disclosed a bug submitted by karthic 
x-xss protection header is not set in response header
10 Jul 2017 timeline
Gratipay disclosed a bug submitted by yodha 
Lack of CSRF token validation at server side
10 Jul 2017 timeline
Gratipay disclosed a bug submitted by d4rk_g1rl 
CSP "script-src" includes "unsafe-inline" in https://gratipay.com
10 Jul 2017 timeline
Gratipay disclosed a bug submitted by a5tronaut 
prevent content spoofing on /~username/emails/verify.html
10 Jul 2017 timeline
Gratipay disclosed a bug submitted by mkd1r 
SSl Weak Ciphers
10 Jul 2017 timeline
1 2 3 4 5 ... 208
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM