Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'HackerOne' disclosed a bug submitted by b'p4fg' 
b'404-response contains debug-information with all headers'
16 May 2020 timeline
b'ok.ru' disclosed a bug submitted by b'iframe' 
b'?????????? CSRF ????? ?? ??????? ???????? ???????.'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'amans' 
b'Subdomain takeover of resources.hackerone.com'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Customer private program can disclose email any users through invited via username'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Changes to data in a CVE request after draft via GraphQL query'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Rounding errors on rewarding a bounty leads to bypassing the 20% H1 commission fee'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'A team member of the program with Report rights can ban the Admin'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Mismatch between frontend and backend validation via `ban_researcher` leads to H1 support and hackers email spam'
15 May 2020 timeline
b'GitLab' disclosed a bug submitted by b'gregxsunday' 
b'No redirect_uri in the db for web-internal clientKey leads to one-click DoS on gitter.im'
15 May 2020 timeline
b'Phabricator' disclosed a bug submitted by b'codeprivate' 
b'SSRF in notifications.server configuration'
15 May 2020 timeline
b'Visma Public' disclosed a bug submitted by b'base_64' 
b'Read-only user can access payroll information without having access to payroll.'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'rumiljonov' 
b'Bypass front server restrictions and access to forbidden files and directories through X-Rewrite-Url/X-original-url header on account.mackeeper.com'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'm_4_l_l_0_k' 
b'CSS Injection on static.mackeeper.com - Potential XSS'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'm_4_l_l_0_k' 
b'IDOR at https://account.mackeeper.com/at/load-reports/profile/<profile_id> leaks information about devices/licenses'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'karna__' 
b'No rate limiting on password reset page'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'karna__' 
b'Account Takeover because of the mis-configuration on the Password Reset Page'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'darkerhack' 
b'Information disclosure of Internal php files on [mackeeper.com/blog/api/send-event]'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'adelin30' 
b'MK Site Cross-Site Scripting (XSS) in script context'
15 May 2020 timeline
b'Clario' disclosed a bug submitted by b'karna__' 
b'Reflected XSS on stage.mackeeper.com'
15 May 2020 timeline
b'Ruby on Rails' disclosed a bug submitted by b'jessecampos' 
b'XSS due to incomplete JS escaping'
14 May 2020 timeline
1 ... 303 304 305 306 307 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM