Top10 publishers:
bobrov107 
sp1d3rs54 
jobert41 
bigbear_38 
bl4de37 
guido37 Twitter
isox36 
4lemon35 
geeknik35 
edio34 

the unofficial HackerOne disclosure timeline.

X
Vimeo disclosed a bug submitted by dotspoted 
Serious Vulnerability Found
27 Feb 2015 timeline
wont-fix
itBit Exchange disclosed a bug submitted by zoczus 
Notification Emails: IP + Content-Spoofing
27 Feb 2015 timeline
itBit Exchange disclosed a bug submitted by 4lemon 
Unsecure data in "device" response - OTP
27 Feb 2015 timeline
HackerOne disclosed a bug submitted by siddiki Twitter
Team member invitations to sandboxed teams are not invalidated consistently (v2)
27 Feb 2015 timeline
PHP disclosed a bug submitted by ryat 
Use after free vulnerability in unserialize() with DateTimeZone
27 Feb 2015 timeline
99designs disclosed a bug submitted by pranav_hivarekar Twitter
CSRF to connect attacker's twitter account to logged in victims account
26 Feb 2015 timeline
Greenhouse.io disclosed a bug submitted by fransrosen 
Subdomain Takeover using blog.greenhouse.io pointing to Hubspot
26 Feb 2015 timeline
Vimeo disclosed a bug submitted by tfairane 
Vimeo.com Insecure Direct Object References Reset Password
26 Feb 2015 timeline
Vimeo disclosed a bug submitted by avlidienbrunn Twitter
Adding profile picture to anyone on Vimeo
26 Feb 2015 timeline
HackerOne disclosed a bug submitted by danlec 
CSP Bypass: Click handler for links with data-method="post" can cause authenticity_token to be sent off domain
26 Feb 2015 timeline
Todoist disclosed a bug submitted by cliffordtrigo Twitter
Taking over a Business Account Admin
26 Feb 2015 timeline
Todoist disclosed a bug submitted by cliffordtrigo Twitter
Remotely removing credit cards from business accounts!
26 Feb 2015 timeline
Twitter disclosed a bug submitted by config 
User's DM won't deleted after logout from Twitter for iOS (com.atebits.xxx.application-state)
25 Feb 2015 timeline
Twitter disclosed a bug submitted by homakov 
Redirect URL in /intent/ functionality is not properly escaped
24 Feb 2015 timeline
Square disclosed a bug submitted by mikkz 
XSS on bookfresh
23 Feb 2015 timeline
Square disclosed a bug submitted by avicoder Twitter
HTTP Header revealing server information.
23 Feb 2015 timeline
wont-fix
Vimeo disclosed a bug submitted by batram 
XSS on any site that includes the moogaloop flash player | deprecated embed code
22 Feb 2015 timeline
Twitter disclosed a bug submitted by simon90 
URGENT - SUBDOMAIN TAKEOVER ON TWITTER ACQ.
21 Feb 2015 timeline
OkCupid disclosed a bug submitted by bitquark Twitter
Rosetta flash vulnerability in clientstats AJAX script
20 Feb 2015 timeline
Twitter disclosed a bug submitted by avicoder Twitter
Path disclosure in platform0.twitter.com
20 Feb 2015 timeline
wont-fix
1 ... 287 288 289 290 291 ... 327
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM