Top10 publishers:
bobrov107 
linkks60 
sp1d3rs54 
jobert45 
bl4de39 
bigbear_38 
guido38 Twitter
isox36 
geeknik35 
4lemon35 

the unofficial HackerOne disclosure timeline.

X
Romit disclosed a bug submitted by crab 
No rate limit which leads to "Users information Disclosure" including verfification documents etc.
27 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
GA code not verified on the server side allows sending Verification Documents on behalf of another user
27 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
IDOR on remoing Share
27 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
The csrf token remains same after user logs in
26 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
Server responds with the server error logs on account creation
26 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
HTML injection in email sent by romit.io
26 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
Potential for financial loss, negative Values for "Buy fee" and "Sell Fee"
26 Nov 2015 timeline
InVision disclosed a bug submitted by psychomantis Twitter
Reflective XSS in projects.invisionapp.com
23 Nov 2015 timeline
InVision disclosed a bug submitted by anik 
X-Frame-Options Header Not Set
23 Nov 2015 timeline
Twitter disclosed a bug submitted by filedescriptor 
XSS on OAuth authorize/authenticate endpoint
20 Nov 2015 timeline
Automattic disclosed a bug submitted by strukt Twitter
CSV Injection in polldaddy.com
20 Nov 2015 timeline
Shopify disclosed a bug submitted by brakhane 
An administrator without the 'Settings' permission is able to see payment gateways
18 Nov 2015 timeline
Shopify disclosed a bug submitted by rms 
Apps can access 'channels' beta api
18 Nov 2015 timeline
Shopify disclosed a bug submitted by zombiehelp54 Twitter
deleted staff member can add his amazon marketplace web services account to the store.
18 Nov 2015 timeline
DigitalSellz disclosed a bug submitted by s_p_q_r 
Own downloading link isn't properly checked in the email template
16 Nov 2015 timeline
Mail.Ru disclosed a bug submitted by aesteral 
XSS: https://light.mail.ru/compose, https://m.mail.ru/compose/[id]/reply ??? ?????? ?? ??????????? ??????? ?????????????? ??????
16 Nov 2015 timeline
Binary.com disclosed a bug submitted by gjavado 
Http Response Splitting - Validate link
15 Nov 2015 timeline
Twitter disclosed a bug submitted by sandeep100928 
Problem with OAuth
14 Nov 2015 timeline
HackerOne disclosed a bug submitted by killr0x33d Twitter
Send AJAX request to external domain
14 Nov 2015 timeline
HackerOne disclosed a bug submitted by ragnar 
Cross-domain AJAX request
14 Nov 2015 timeline
1 ... 275 276 277 278 279 ... 345
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM