the unofficial HackerOne disclosure timeline.

X
b'Shopify' disclosed a bug submitted by b'jaka_tingkir' 
b'access permission is not revoked even if the email has been deleted or changed on the partner account -partners.shopify-'
18 Aug 2020 timeline
b'Shopify' disclosed a bug submitted by b'rioncool22' 
b'Blind Stored XSS Via Staff Name'
18 Aug 2020 timeline
b'WordPress' disclosed a bug submitted by b'simonscannell' 
b'Stored XSS in Post Preview as Contributor'
18 Aug 2020 timeline
b'WordPress' disclosed a bug submitted by b'simonscannell' 
b'pre-auth Stored XSS in comments via javascript: url when administrator edits user supplied comment'
18 Aug 2020 timeline
b'Mendix' disclosed a bug submitted by b'enixium' 
b'Reflected XSS in "*.mendix.com/openid/*"'
18 Aug 2020 timeline
b'Dropcontact' disclosed a bug submitted by b'try___for_impossible' 
b'IDOR at [https://dropcontact.firstpromote] which allows an UNAUTHORIZED user to ACCESS and EDIT Paypal GMAIL by Changing the ID.'
18 Aug 2020 timeline
b'Gener8' disclosed a bug submitted by b'5hu8h4m_n4g4' 
b'Session not invalidated after password reset'
18 Aug 2020 timeline
b'Solana BBP' disclosed a bug submitted by b'anjpan' 
b'Sensitive data leaks [username, password, keys]'
18 Aug 2020 timeline
b'Solana BBP' disclosed a bug submitted by b'mersalinio' 
b"i don't the important and it's impact . the affected asset: https://github.com/solana-labs/solana/blob/master/.buildkite/env/secrets.ejson"
18 Aug 2020 timeline
b'Solana BBP' disclosed a bug submitted by b'mersalinio' 
b" i don't the important and it's impact . the affected asset : https://github.com/solana-labs/solana/blob/master/.buildkite/env/secrets.ejson"
18 Aug 2020 timeline
b'GitLab' disclosed a bug submitted by b'plazmaz' 
b'SSRF In plantuml (on plantuml.pre.gitlab.com)'
17 Aug 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'icewater' 
b'Linux client is vulnerable to directory traversal when downloading files'
17 Aug 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'inhibitor181' 
b'RTLO character allowed in shared files'
17 Aug 2020 timeline
b'Omise' disclosed a bug submitted by b'justlife_4x4' 
b'Authenticity token doesnt expire after single use leading to CSRF'
17 Aug 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'jplopezy' 
b'XSS in desktop client via invalid server address on login form'
17 Aug 2020 timeline
b'OWOX, Inc.' disclosed a bug submitted by b'ant_pyne' 
b'Unrestricted File Upload in Chat Window'
16 Aug 2020 timeline
b'BugPoC' disclosed a bug submitted by b'd1r3wolf' 
b'Solution for XSS challenge calc.buggywebsite.com'
15 Aug 2020 timeline
b'Topcoder' disclosed a bug submitted by b'tushr' 
b'SVG file upload leads to XML injection'
14 Aug 2020 timeline
b'Bitwala' disclosed a bug submitted by b'lamscun' 
b'HTML injection in email content'
14 Aug 2020 timeline
b'Yoti' disclosed a bug submitted by b'lamscun' 
b'[www.yoti.com] Wordpress user admin information discloure'
14 Aug 2020 timeline
1 ... 304 305 306 307 308 ... 768
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM