the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'ermilov' 
b'[authmagic-timerange-stateless-core] Improper Authentication'
16 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'jaka_tingkir' 
b'xss triggered in "myshopify.com/admin/product"'
15 Sep 2020 timeline
b'InnoGames' disclosed a bug submitted by b'mace' 
b'Cache Poisoning via uppercase letters in invalid path'
15 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'r0hack' 
b'IDOR in tracking driver logs at city-mobil.ru'
15 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'kanytu' 
b'Database read through provider misconfiguration'
15 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'kanytu' 
b'Private files exposed to other apps'
15 Sep 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'romesful' 
b'[icq.im] Reflected XSS via chat invite link'
15 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'dwimmerlaik' 
b'CircleCI token in github repo allows for access to sensitive build information'
15 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'say_ch33se' 
b'Email Confirmation Bypass in your-store.myshopify.com which leads to privilege escalation'
15 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'ryat' 
b'A staff without export customers permissions can still export customers CSV file'
15 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'risinghunter' 
b'staff can able to extend shopify trial period without admin permission'
15 Sep 2020 timeline
b'GitLab' disclosed a bug submitted by b'sevilboylum' 
b'Adding everyone to the repo due to the lack of rate limit'
14 Sep 2020 timeline
b'h1-ctf' disclosed a bug submitted by b'louzogh' 
b'[h1-2006 2020] Bounty payments are done !'
14 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'francisbeaudoin' 
b'XSS within Shopify Email App - Admin'
14 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'kunal94' 
b'Staff member with no permission can delete POS staff from account settings'
14 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'francisbeaudoin' 
b"Partner's non-verified business email change reflected into Shopify Collaborator Request"
14 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'whoami991' 
b'XSS / SELF XSS'
14 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'jaka_tingkir' 
b'Admin web sessions remain active after logout of Shopify ID'
14 Sep 2020 timeline
b'Shopify' disclosed a bug submitted by b'francisbeaudoin' 
b'Password protection can be removed for newly created development store '
14 Sep 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'd3lla' 
b'[flsaba] Stored XSS in the file and directory name when directories listing'
14 Sep 2020 timeline
1 ... 292 293 294 295 296 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM