Top10 publishers:
b'bobrov'117 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'sp1d3rs'68 
b'someonenobbd'62 
b'nyymi'55 
b'jon_bottarini'49 
b'haxta4ok00'48 
b'netfuzzer'48 

the unofficial HackerOne disclosure timeline.

X
b'Mail.ru' disclosed a bug submitted by b'esetal' 
b'[combo.mail.ru] SMS code bruteforce'
27 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'ther3d0ne' 
b'Stored XSS through fileupload'
27 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'risinghunter' 
b'OTP bypass on user account deletion'
27 Oct 2020 timeline
b'Evernote' disclosed a bug submitted by b'kaulse' 
b'Non-production Open Database In Combination With XXE Leads To SSRF'
27 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'magzhan' 
b'Cross-site Scripting (XSS) - DOM on https://account.mail.ru/user/garage?back_url=https://mail.ru'
27 Oct 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'johnssimon007' 
b'[nested-property] Prototype Pollution'
27 Oct 2020 timeline
b'NordVPN' disclosed a bug submitted by b'n33dm0n3y' 
b'Password Reset Link not expiring after changing the email Leads To Account Takeover'
27 Oct 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ryotak' 
b'[http-live-simulator] Application-level DoS'
27 Oct 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'mik317' 
b'[create-git] RCE via insecure command formatting'
26 Oct 2020 timeline
b'Yelp' disclosed a bug submitted by b'parzel' 
b'X-Forward-For Header allows to bypass access restrictions'
26 Oct 2020 timeline
b'8x8' disclosed a bug submitted by b'melbadry9' 
b'Open Redirect on [blog.wavecell.com]'
26 Oct 2020 timeline
b'Twitter' disclosed a bug submitted by b'keer0k' 
b'XSS via referrer parameter'
26 Oct 2020 timeline
b'Twitter' disclosed a bug submitted by b'gokay' 
b'Twitter Media Studio Source Information Disclosure With Analyst Role'
26 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'artebels' 
b'Insufficient limitation of web page title leads to DoS against ICQ for Android'
24 Oct 2020 timeline
b'Kartpay' disclosed a bug submitted by b'abhhi' 
b'Admin/Info lekage'
24 Oct 2020 timeline
b'Curve' disclosed a bug submitted by b'praseudo7' 
b'Sensitive Info Leak - An Attacker Can Retrieve All the Users Mobile Numbers at https://website-api.production.curve.app/api/waitlist/us'
23 Oct 2020 timeline
b'Shopify' disclosed a bug submitted by b'cforu' 
b'authenticity token not verfied leads to change business name'
23 Oct 2020 timeline
b'DRIVE.NET, Inc.' disclosed a bug submitted by b'what_web' 
b"[www.drive2.ru] Insufficient Security Configurability - The user's can set an existing password as a new password."
23 Oct 2020 timeline
b'DRIVE.NET, Inc.' disclosed a bug submitted by b'what_web' 
b'[www.drive2.ru] Insufficient Security Configurability - The user can using the same password as your current ID.'
23 Oct 2020 timeline
b'DRIVE.NET, Inc.' disclosed a bug submitted by b'what_web' 
b'[www.drive2.ru] Insufficient Security Configurability - Notification message not sent when account is deleted'
23 Oct 2020 timeline
1 ... 210 211 212 213 214 ... 693
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM