the unofficial HackerOne disclosure timeline.

X
b'Logitech' disclosed a bug submitted by b'hein_thant' 
b'Moderator shared access allows access to support.streamlabs.com'
20 Jan 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'tr3harder' 
b'Access admin interface via bad credentials'
20 Jan 2021 timeline
b'TikTok' disclosed a bug submitted by b'emanuelharijanto' 
b'Information Disclosure of Advertiser Account on TikTok Ads Portal'
20 Jan 2021 timeline
b'Enjin' disclosed a bug submitted by b'michael7854' 
b'POST /api/platform/images allows for Arbitrary file upload + Full stored XSS'
20 Jan 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'act1on3' 
b'[api-site.city-mobil.ru] Improper access control leads to information disclosure (bypass of #977597 fix)'
20 Jan 2021 timeline
b'Kartpay' disclosed a bug submitted by b'bugera' 
b'Misconfiguration of Merchant id in jwt header + Weird Debug mode enabling behavior leads to exposed OTP of mobile number.'
20 Jan 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'prolib' 
b'[nextcloud.com] Control character allowed in Submit Question'
20 Jan 2021 timeline
b'Informatica' disclosed a bug submitted by b'lu3ky-13' 
b'loing in to marketplace panel on enablement.informatica.com'
20 Jan 2021 timeline
b'Revive Adserver' disclosed a bug submitted by b'mbeccati' 
b'Open redirect in ck.php and lg.php'
20 Jan 2021 timeline
b'Revive Adserver' disclosed a bug submitted by b'keyurvala' 
b'Cross Site Scripting and Open Redirect in affiliate-preview.php file '
20 Jan 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'kanytu' 
b'Database read through file attachment [content://]'
20 Jan 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'kwel' 
b' "E-Mail " [corporate.city-mobil.ru]'
20 Jan 2021 timeline
b'Mail.ru' disclosed a bug submitted by b'moonwalker' 
b'IDOR email '
20 Jan 2021 timeline
b'Top Echelon Software' disclosed a bug submitted by b'prolib' 
b'Public and secret api key leaked in JavaScript source'
19 Jan 2021 timeline
b'Revive Adserver' disclosed a bug submitted by b'axfla' 
b'Reflected XSS on /www/delivery/afr.php (bypass of report #775693)'
19 Jan 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'jacksonkv67' 
b'2FA Session not expires after the password reset'
18 Jan 2021 timeline
b'Nintendo' disclosed a bug submitted by b'mrnbayoh' 
b'[3DS][StreetPass] Heap Overflow in Swapnote parser leads to userland StreetPass RCE'
18 Jan 2021 timeline
b'curl' disclosed a bug submitted by b'fms' 
b'SMB access smuggling via FILE URL on Windows'
17 Jan 2021 timeline
b'Rocket.Chat' disclosed a bug submitted by b'fabianfreyer' 
b'XSS in message attachment fileds.'
17 Jan 2021 timeline
b'Rocket.Chat' disclosed a bug submitted by b'jcardona' 
b'Session Hijack via Self-XSS'
17 Jan 2021 timeline
1 ... 259 260 261 262 263 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM