Top10 publishers:
bobrov114 
linkks74 
geeknik71 
sp1d3rs62 
jobert54 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
LocalTapiola disclosed a bug submitted by th3g3nt3lman 
XSS and open redirect in verkkopalvelu.lahitapiola.fi
10 Dec 2016 timeline
LocalTapiola disclosed a bug submitted by bobrov 
HTML Injection in email /webApp/lahti (viestinta.lahitapiola.fi)
10 Dec 2016 timeline
LocalTapiola disclosed a bug submitted by billy_blaze 
Lahitapiola´s customer names send to 3rd party
10 Dec 2016 timeline
Twitter disclosed a bug submitted by linkks 
Cross-site scripting (reflected)
09 Dec 2016 timeline
Informatica disclosed a bug submitted by robd4k 
[now.informatica.com] Reflective XSS
09 Dec 2016 timeline
Informatica disclosed a bug submitted by yarbabin 
[marketplace.informatica.com] - XXE
09 Dec 2016 timeline
Informatica disclosed a bug submitted by yarbabin 
[marketplace.informatica.com] - XXE
09 Dec 2016 timeline
Informatica disclosed a bug submitted by yarbabin 
[rev-app.informatica.com] - XXE via SAML
09 Dec 2016 timeline
Envoy disclosed a bug submitted by zephrfish Twitter
Abuse of API can Lead to DoS
08 Dec 2016 timeline
Informatica disclosed a bug submitted by zephrfish Twitter
[product360.informatica.com] Unauthenticated Apache Tomcat 8 Installation
08 Dec 2016 timeline
LocalTapiola disclosed a bug submitted by bobrov 
SQL Injection /webApp/sijoitustalous_peruutus locId parameter (viestinta.lahitapiola.fi)
08 Dec 2016 timeline
LocalTapiola disclosed a bug submitted by bobrov 
SQL Injection /webApp/oma_conf ctx parameter (viestinta.lahitapiola.fi)
08 Dec 2016 timeline
HackerOne disclosed a bug submitted by zseano 
Bypass rate limiting on /users/password (possibly site-wide rate limit bypass?)
08 Dec 2016 timeline
OLX disclosed a bug submitted by 123456789100 
REFLECTED CROSS SITE SCRIPTING IN OLX
08 Dec 2016 timeline
Gratipay disclosed a bug submitted by promx 
CSRF csrftoken in cookies
07 Dec 2016 timeline
Instacart disclosed a bug submitted by archers123 
User Information sent to client through websockets
07 Dec 2016 timeline
PortSwigger Web Security disclosed a bug submitted by jelmer 
JSBeautifier BApp: Race condition leads to memory disclosure
07 Dec 2016 timeline
Trello disclosed a bug submitted by esmile 
SVG Uploads / Attachments can be viewed by anyone.
06 Dec 2016 timeline
GitLab disclosed a bug submitted by fransrosen 
Mailgun misconfiguration leads to email snooping and postmaster@-access on email.mg.gitlab.com
06 Dec 2016 timeline
GitLab disclosed a bug submitted by jobert 
State filter in IssuableFinder allows attacker to delete all issues and merge requests
06 Dec 2016 timeline
1 ... 274 275 276 277 278 ... 417
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM