the unofficial HackerOne disclosure timeline.

X
b'LINE' disclosed a bug submitted by b'66ed3gs' 
b'Improper Access Control in LINE Timeline API that returns a list of hidden friends'
17 Nov 2020 timeline
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'Security@ email forwarding and Embedded Submission drafts can be used to obtain copy of deleted attachments from other HackerOne users'
17 Nov 2020 timeline
b'Ping Identity' disclosed a bug submitted by b'mjigar821' 
b'Forbidden access to https://apps-staging.pingone.com but "/packages.json" visible and full path disclosure'
16 Nov 2020 timeline
b'Ping Identity' disclosed a bug submitted by b'cybersera' 
b'No valid SPF record not found'
16 Nov 2020 timeline
b'Ping Identity' disclosed a bug submitted by b'renniepak' 
b'Stored XSS in Application menu via Home Page Url'
16 Nov 2020 timeline
b'Ping Identity' disclosed a bug submitted by b'gujjuboy10x00' 
b'Session misconfiguration on forget password feature at https://ort-admin.pingone.com'
16 Nov 2020 timeline
b'Ping Identity' disclosed a bug submitted by b'gujjuboy10x00' 
b'Session misconfiguration on change password feature at https://apps-staging.pingone.com/myaccount/?environmentId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx#'
16 Nov 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'effectrenan' 
b'[systeminformation] Command Injection via insecure command formatting'
16 Nov 2020 timeline
b'Informatica' disclosed a bug submitted by b'r1pley' 
b'Blind SQL injection at tsftp.informatica.com'
16 Nov 2020 timeline
b'curl' disclosed a bug submitted by b'thomas_v' 
b'Heap buffer overflow in TFTP when using small blksize'
14 Nov 2020 timeline
b'curl' disclosed a bug submitted by b'thomas_v' 
b'krb5: double-free in read_data() after realloc() fail'
14 Nov 2020 timeline
b'Automattic' disclosed a bug submitted by b'u0pattern' 
b'Rate Limit Misconfiguration on tumblr login .'
13 Nov 2020 timeline
b'GoCD' disclosed a bug submitted by b'asusrog' 
b'XSS In https://docs.gocd.org/current/'
13 Nov 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'yahe' 
b'Improper confidentiality protection of server-side encryption keys'
13 Nov 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'yahe' 
b'Improper integrity protection of server-side encryption keys'
13 Nov 2020 timeline
b'BugPoC' disclosed a bug submitted by b'd1r3wolf' 
b'Solution for XSS challenge wacky.buggywebsite.com'
13 Nov 2020 timeline
b'LINE' disclosed a bug submitted by b'dhbd88' 
b'CORS misconfiguration leads to users information disclosure at https://studyroom.line.me'
13 Nov 2020 timeline
b'BugPoC' disclosed a bug submitted by b'machinexa' 
b'Reflected XSS at wacky.buggywebsite.com/frame.html'
12 Nov 2020 timeline
b'BugPoC' disclosed a bug submitted by b'effectrenan' 
b'XSS Challenge'
12 Nov 2020 timeline
b'CS Money' disclosed a bug submitted by b'rootishere' 
b'Content Spoofing/Text Injection in https://support.cs.money and JS file not minified and uglyfied which makes it clearly readable '
12 Nov 2020 timeline
1 ... 275 276 277 278 279 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM