Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 83
linkks: 75
jobert: 70
nyymi: 62
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.

Node.js third-party modules disclosed a bug submitted by d3lla
[gfc] Command Injection via insecure command formatting
27 Oct 2020

Basecamp disclosed a bug submitted by enigmaticjohn
Possible DOM XSS on app.hey.com
27 Oct 2020

CS Money disclosed a bug submitted by mvm
ReDoS at wiki.cs.money graphQL endpoint (AND probably a kind of command injection)
27 Oct 2020

CS Money disclosed a bug submitted by ahmd_halabi
Manipulate Uneditable Messages in Support
27 Oct 2020

CS Money disclosed a bug submitted by nnez
Site-wide CSRF on Safari due to CORS misconfiguration (not localhost)
27 Oct 2020

Basecamp disclosed a bug submitted by jouko
HEY.com email stored XSS
27 Oct 2020

Mail.ru disclosed a bug submitted by panya
Reflected XSS on https://e.mail.ru/compose/ via Body parameter
27 Oct 2020

Mail.ru disclosed a bug submitted by esetal
[combo.mail.ru] SMS code bruteforce
27 Oct 2020

Mail.ru disclosed a bug submitted by ther3d0ne
Stored XSS through fileupload
27 Oct 2020

Mail.ru disclosed a bug submitted by risinghunter
OTP bypass on user account deletion
27 Oct 2020

Evernote disclosed a bug submitted by kaulse
Non-production Open Database In Combination With XXE Leads To SSRF
27 Oct 2020

Mail.ru disclosed a bug submitted by magzhan
Cross-site Scripting (XSS) - DOM on https://account.mail.ru/user/garage?back_url=https://mail.ru
27 Oct 2020

Node.js third-party modules disclosed a bug submitted by johnssimon007
[nested-property] Prototype Pollution
27 Oct 2020

NordVPN disclosed a bug submitted by n33dm0n3y
Password Reset Link not expiring after changing the email Leads To Account Takeover
27 Oct 2020

Node.js third-party modules disclosed a bug submitted by ryotak
[http-live-simulator] Application-level DoS
27 Oct 2020

Node.js third-party modules disclosed a bug submitted by mik317
[create-git] RCE via insecure command formatting
26 Oct 2020

Yelp disclosed a bug submitted by parzel
X-Forward-For Header allows to bypass access restrictions
26 Oct 2020

8x8 disclosed a bug submitted by melbadry9
Open Redirect on [blog.wavecell.com]
26 Oct 2020

Twitter disclosed a bug submitted by keer0k
XSS via referrer parameter
26 Oct 2020

Twitter disclosed a bug submitted by gokay
Twitter Media Studio Source Information Disclosure With Analyst Role
26 Oct 2020

BY DENIS WERNER - @NOBBD