Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'56 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Automattic' disclosed a bug submitted by b'xurizaemon0' 
b'Authentication & Registration Bypass in Newspack Extended Access'
20 May 2024 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'osama-hamad' 
b'A user with only [MODIFY_SETTINGS] permmision could takeover any user accounts'
20 May 2024 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'osama-hamad' 
b'Changing the administrator password via admin console does not invalidate other sessions'
20 May 2024 timeline
b'Yahoo!' disclosed a bug submitted by b'agarri_fr' 
b'YQL: From CR/LF injection to root compromise'
15 May 2024 timeline
b'Yahoo!' disclosed a bug submitted by b'agarri_fr' 
b'Out-of-band read of arbitrary ASCII files on YQL backend servers via XML external parameter entities'
15 May 2024 timeline
b'Yahoo!' disclosed a bug submitted by b'agarri_fr' 
b'Read arbitrary ASCII files on YQL backend servers via XSLT unparsed-entity-uri() and parameter entities'
15 May 2024 timeline
b'Yahoo!' disclosed a bug submitted by b'agarri_fr' 
b'Read arbitrary XML files on YQL backend servers via XSLT document()'
15 May 2024 timeline
b'Yahoo!' disclosed a bug submitted by b'agarri_fr' 
b'Code execution in "ymon" WebService, reached after bypassing the anti-loopback blacklist through YQL and HTTP redirects'
15 May 2024 timeline
b'Yahoo!' disclosed a bug submitted by b'claimingsouls' 
b'Bitly link takeover '
15 May 2024 timeline
b'HackerOne' disclosed a bug submitted by b'hillybot__' 
b"any user could upload attachments to pentest scoping form they don't have access to"
15 May 2024 timeline
b'HackerOne' disclosed a bug submitted by b'hacktus' 
b'LLM01: Invisible Prompt Injection'
13 May 2024 timeline
b'HackerOne' disclosed a bug submitted by b'darkc0d3' 
b'Possible PII Disclosure via Advanced Vetting Process - '
13 May 2024 timeline
b'HackerOne' disclosed a bug submitted by b'lu3ky-13' 
b'Cloud Computer Hackerone Triager can be Accessible for everyone [h1_analyst_lucas+view@wearehackerone.com] computer'
10 May 2024 timeline
b'X (Formerly Twitter)' disclosed a bug submitted by b'th0h0' 
b'Cross-Domain Leakage of X Username / UserID due to Dynamically Generated JS File'
10 May 2024 timeline
b'X (Formerly Twitter)' disclosed a bug submitted by b'mirhat' 
b'Ability to see hidden likes'
10 May 2024 timeline
b'HackerOne' disclosed a bug submitted by b'sarthakbhingare015' 
b'Confirmed #2118458: Intentional redirect from www.hackerone.com to domain which is up for sale'
09 May 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'guido' 
b'CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64'
09 May 2024 timeline
b'Tools for Humanity' disclosed a bug submitted by b'aghayeone' 
b'IDOR - Leaking of team data (name, email, ID, member ID) via POST /api/v1/graphql `FetchMemberships` operation'
09 May 2024 timeline
b'Teleport' disclosed a bug submitted by b'mr_asg' 
b'A member with editor permissions can create an access list that cannot be modified, viewed, or deleted'
08 May 2024 timeline
b'Mattermost' disclosed a bug submitted by b'ramsakal7582' 
b"Member role which doesn't have permission to send message can send by executing channel commands"
08 May 2024 timeline
1 ... 22 23 24 25 26 ... 717
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM