Top10 publishers:
bobrov70 
sp1d3rs52 
bigbear_38 
isox36 
guido36 Twitter
4lemon34 
edio34 
jobert32 
geeknik31 
bl4de31 

the unofficial HackerOne disclosure timeline.

X
Khan Academy disclosed a bug submitted by smiegles Twitter
Dom based XSS https://www.khanacademy.org/
09 Apr 2014 timeline
Khan Academy disclosed a bug submitted by smiegles Twitter
https://www.khanacademy.org/login open-redirect
09 Apr 2014 timeline
Khan Academy disclosed a bug submitted by smiegles Twitter
Stored XSS {dangerous?} https://www.khanacademy.org/coach/roster/?listId=allStudents
09 Apr 2014 timeline
Khan Academy disclosed a bug submitted by smiegles Twitter
https://www.khanacademy.org/coach/reports/activity XSS
09 Apr 2014 timeline
Khan Academy disclosed a bug submitted by smiegles Twitter
Persistent class XSS [the fuck]
09 Apr 2014 timeline
concrete5 disclosed a bug submitted by g4mm4 
https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)
09 Apr 2014 timeline
Khan Academy disclosed a bug submitted by chmosama 
Weak Ciphers Enabled
09 Apr 2014 timeline
Khan Academy disclosed a bug submitted by atom Twitter
Open Redirection in SmartHistory KhanAcademy
09 Apr 2014 timeline
Khan Academy disclosed a bug submitted by prakharprasad Twitter
XSS at http://smarthistory.khanacademy.org
09 Apr 2014 timeline
Factlink disclosed a bug submitted by jobert 
Proxy discloses internal web servers
08 Apr 2014 timeline
OkCupid disclosed a bug submitted by smiegles Twitter
http://www2.okcupid.com/profile Cross-site scripting
08 Apr 2014 timeline
Slack disclosed a bug submitted by netfuzzer 
flash content type sniff vulnerability in api.slack.com
08 Apr 2014 timeline
Flash disclosed a bug submitted by masatokinugawa 
Security bypass could lead to information disclosure
08 Apr 2014 timeline
Yahoo! disclosed a bug submitted by santese 
From Unrestricted File Upload to Remote Command Execution
07 Apr 2014 timeline
C2FO disclosed a bug submitted by chmosama 
OPTIONS Method Enabled
07 Apr 2014 timeline
OpenSSL disclosed a bug submitted by Default 
TLS heartbeat read overrun
07 Apr 2014 timeline
Yahoo! disclosed a bug submitted by jniemasik 
In Fantasy Sports iOS app, signup page is requested over HTTP
06 Apr 2014 timeline
wont-fix
Slack disclosed a bug submitted by sehacure Twitter
csrf
06 Apr 2014 timeline
Slack disclosed a bug submitted by sehacure Twitter
State parameter missing on google OAuth
06 Apr 2014 timeline
Slack disclosed a bug submitted by sehacure Twitter
Open redirect vulnerability
06 Apr 2014 timeline
wont-fix
1 ... 278 279 280 281 282 ... 284
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM