Top10 publishers:
bobrov114 
geeknik70 
linkks69 
sp1d3rs61 
jobert50 
guido45 Twitter
bl4de41 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
FantasyTote disclosed a bug submitted by ketankumar_godhani 
Weak HSTS age
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by ashish_goanhacker Twitter
strengthen Diffie-Hellman (DH) key exchange parameters in grtp.co
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by mackstaples 
suppress version in Server header on gratipay.com or grtp.co
14 Jul 2016 timeline
OLX disclosed a bug submitted by mefkan 
XSS yaman.olx.ph
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by zuh4n 
Directory listening in grtp.co
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by dotnick 
don't leak server version of grtp.co in error pages
14 Jul 2016 timeline
Paragon Initiative Enterprises disclosed a bug submitted by lukasreschke 
Content-type sniffing leads to stored XSS in CMS Airship on Internet Explorer
14 Jul 2016 timeline
Slack disclosed a bug submitted by thisishrsh 
File upload over private IM channel
13 Jul 2016 timeline
LocalTapiola disclosed a bug submitted by mlitchfield 
Blind Stored XSS Against Lahitapiola Employees - Session and Information leakage
13 Jul 2016 timeline
Uber disclosed a bug submitted by jutsuce 
Directory Browsing and Open Git Repository on Uber Development Box
13 Jul 2016 timeline
OLX disclosed a bug submitted by thezawad Twitter
XSS @ yaman.olx.ph
13 Jul 2016 timeline
OLX disclosed a bug submitted by thezawad Twitter
XSS @ *.olx.com.ar
13 Jul 2016 timeline
Gratipay disclosed a bug submitted by thezawad Twitter
prevent null bytes in email field
13 Jul 2016 timeline
Gratipay disclosed a bug submitted by jsshen 
don't serve hidden files from Nginx
13 Jul 2016 timeline
New Relic disclosed a bug submitted by daniyal_nasir 
No CSRF validation on Account Monitors in Synthetics Block
12 Jul 2016 timeline
New Relic disclosed a bug submitted by sarwarjahan 
Normal user can set "Job title" of other users by Direct Object Reference
12 Jul 2016 timeline
Uber disclosed a bug submitted by maluko 
Information regarding trips from other users
12 Jul 2016 timeline
HackerOne disclosed a bug submitted by gone 
Possible CSRF during joining report as participant
12 Jul 2016 timeline
Keybase disclosed a bug submitted by franjkovic 
Register multiple users using one invitation (race condition)
11 Jul 2016 timeline
Twitter disclosed a bug submitted by adeelimtiaz90 
XSS via Fabrico Account Name
11 Jul 2016 timeline
1 ... 276 277 278 279 280 ... 385
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM