Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'curl' disclosed a bug submitted by b'brumbrum' 
b'Parallel upload hangs curl if upload file not found'
29 Oct 2020 timeline
b'Ruby' disclosed a bug submitted by b'piao' 
b'Potential HTTP Request Smuggling in ruby webrick'
29 Oct 2020 timeline
b'Tube8' disclosed a bug submitted by b'ramsexy' 
b'Blind SQL injection in Hall of Fap'
29 Oct 2020 timeline
b'Agoric' disclosed a bug submitted by b'sickcodes' 
b'Stored XSS in agoric-sdk - malicious iframes, malicious svg'
28 Oct 2020 timeline
b'Agoric' disclosed a bug submitted by b'sickcodes' 
b'Improper Input Validation allows an attacker to "double spend" or "respend", violating the integrity of the message command history or causing DoS'
28 Oct 2020 timeline
b'Basecamp' disclosed a bug submitted by b'hazimaslam' 
b'HTTP request smuggling on Basecamp 2 allows web cache poisoning'
28 Oct 2020 timeline
b'Basecamp' disclosed a bug submitted by b'hazimaslam' 
b'Unauthenticated request smuggling on launchpad.37signals.com'
28 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'devirok' 
b' http://login.aa.mail.ru/logs/'
28 Oct 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'dschuermann' 
b'PIN for passwordless WebAuthn is asked for but not verified'
28 Oct 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'daniel_calvino_sanchez' 
b'The password of a mail share is not hashed if the password is given when the share is created'
28 Oct 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'lynn-stephenson' 
b'Reduced purmations on encryption'
28 Oct 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'd3lla' 
b'[gfc] Command Injection via insecure command formatting'
27 Oct 2020 timeline
b'Basecamp' disclosed a bug submitted by b'enigmaticjohn' 
b'Possible DOM XSS on app.hey.com'
27 Oct 2020 timeline
b'CS Money' disclosed a bug submitted by b'mvm' 
b'ReDoS at wiki.cs.money graphQL endpoint (AND probably a kind of command injection)'
27 Oct 2020 timeline
b'CS Money' disclosed a bug submitted by b'ahmd_halabi' 
b'Manipulate Uneditable Messages in Support'
27 Oct 2020 timeline
b'CS Money' disclosed a bug submitted by b'nnez' 
b'Site-wide CSRF on Safari due to CORS misconfiguration (not localhost)'
27 Oct 2020 timeline
b'Basecamp' disclosed a bug submitted by b'jouko' 
b'HEY.com email stored XSS'
27 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'panya' 
b'Reflected XSS on https://e.mail.ru/compose/ via Body parameter'
27 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'esetal' 
b'[combo.mail.ru] SMS code bruteforce'
27 Oct 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'ther3d0ne' 
b'Stored XSS through fileupload'
27 Oct 2020 timeline
1 ... 234 235 236 237 238 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM