Top10 publishers:
bobrov107 
sp1d3rs54 
jobert41 
bigbear_38 
bl4de37 
guido37 Twitter
isox36 
4lemon35 
geeknik35 
edio34 

the unofficial HackerOne disclosure timeline.

X
HackerOne disclosed a bug submitted by djamel 
Email changing
28 Aug 2014 timeline
wont-fix
Automattic disclosed a bug submitted by mohaab007 
Missing HSTS header in https://public-api.wordpress.com
28 Aug 2014 timeline
wont-fix
DC Compendium disclosed a bug submitted by adrianbelen 
source code disclosure
27 Aug 2014 timeline
Envoy disclosed a bug submitted by sasi2103 Twitter
Delete visitor from IPAD with fullname which contains JS results XSS
27 Aug 2014 timeline
Coinbase disclosed a bug submitted by 0ctac0der Twitter
Simultaneous Session Logon : Improper Session Management
26 Aug 2014 timeline
wont-fix
RelateIQ disclosed a bug submitted by pum 
Failed Certificate Validation On Custom Server (Register)
25 Aug 2014 timeline
Coinbase disclosed a bug submitted by bbohn 
2FA settings allowed to be changed with no delay/freeze on funds
25 Aug 2014 timeline
wont-fix
Slack disclosed a bug submitted by asdjsonyou 
Open Redirect login account
25 Aug 2014 timeline
Slack disclosed a bug submitted by asdjsonyou 
Content spoofing at Stripe Integrations
25 Aug 2014 timeline
WePay disclosed a bug submitted by pranav_hivarekar Twitter
Typical form vulnerable to csrf attack
23 Aug 2014 timeline
HackerOne disclosed a bug submitted by xtross 
Account Hijacking (Only rare case scenario)
23 Aug 2014 timeline
wont-fix
OkCupid disclosed a bug submitted by kenb 
XSS in 404 page of cdn.okccdn.com
22 Aug 2014 timeline
Uzbey LLC disclosed a bug submitted by darkh4x 
Missing "size check" on files to upload could make memory leaks.
22 Aug 2014 timeline
Slack disclosed a bug submitted by cliffordtrigo Twitter
Deleting Teams implemenation
21 Aug 2014 timeline
wont-fix
WePay disclosed a bug submitted by mrrm 
oauth redirect uri validation bug leads to open redirect and account compromise
21 Aug 2014 timeline
wont-fix
Mavenlink disclosed a bug submitted by cliffordtrigo Twitter
Clickjacking
21 Aug 2014 timeline
Yahoo! disclosed a bug submitted by kenb 
XSS on Every sports.yahoo.com page
20 Aug 2014 timeline
Yahoo! disclosed a bug submitted by surgent10cross 
Comment Spoofing at http://suggestions.yahoo.com/detail/?prop=directory&fid=97721
20 Aug 2014 timeline
Yahoo! disclosed a bug submitted by surgent10cross 
CSRF Token missing on http://baseball.fantasysports.yahoo.com/b1/127146/messages
20 Aug 2014 timeline
Yahoo! disclosed a bug submitted by surgent10cross 
CSRF Token is missing on DELETE message option on http://baseball.fantasysports.yahoo.com/b1/127146/messages
20 Aug 2014 timeline
1 ... 299 300 301 302 303 ... 327
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM