Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'lightangel1412' 
b'[static-server-gx] Path Traversal allowing to read any files on the server'
03 Sep 2020 timeline
b'Yelp' disclosed a bug submitted by b'cocoh__23' 
b'IDOR in locid parameter allowing to view others accounts Profile Locations '
02 Sep 2020 timeline
b'Twitter' disclosed a bug submitted by b'cyanpiny' 
b'Denial of Service | twitter.com & mobile.twitter.com'
02 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'steal_wart' 
b'Subdomain Takeover at analyticstest.geekbrains.ru'
02 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'[api.33slona.ru] ?????? ? API ?? ?? ???????????? ???????????? ??????? 302 ???????.'
02 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'looch.tv CORS crossite user information and stream_key access'
02 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'avolume' 
b'Public access to Sidekiq dashboard at shopper.sbermarket.ru'
02 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'francisbeaudoin' 
b"Takeover an account that doesn't have a Shopify ID and more"
02 Sep 2020 timeline
b'Imgur' disclosed a bug submitted by b'zerox4' 
b'Stored XSS in Post title (PoC)'
02 Sep 2020 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'XSS by file (Active Storage `Proxying`)'
01 Sep 2020 timeline
b'Starbucks' disclosed a bug submitted by b'x3n0nn3p' 
b'CRLF injection on www.starbucks.com'
01 Sep 2020 timeline
b'Yelp' disclosed a bug submitted by b'alaayousef' 
b'Clickjacking lead to remove review'
01 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'[garnier-olia.lady.mail.ru] Reflected XSS /exp/ bypass "/"'
01 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'warofdragons.my.games: configuration files with database account are accessible'
01 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'IDOR ????????? ???????? ?????????? ? ????????????.'
01 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'organdonor' 
b'Access to information about any video and its owner via GraphQL endpoint [dictor.mail.ru]'
01 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'pisarenko' 
b' [self?] XSS ? ?????? ???????????? [sbermarket.ru]'
31 Aug 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'jianjun' 
b'An implementation flaw in Mail.ru can be exploited for DKIM signature spoofing and email spoofing'
31 Aug 2020 timeline
b'QIWI' disclosed a bug submitted by b'honoki' 
b'DOM XSS triggered in secure support desk'
31 Aug 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bp0lr' 
b'[hangersteak] Web Server Directory Traversal via Crafted GET Request'
30 Aug 2020 timeline
1 ... 249 250 251 252 253 ... 719
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM