the unofficial HackerOne disclosure timeline.

X
b'Helium' disclosed a bug submitted by b'dracomalfoy' 
b'HTTP request Smuggling'
02 Jul 2020 timeline
b'SMTP2GO' disclosed a bug submitted by b'tryforimpossible' 
b'Stored XSS at https://app.smtp2go.com/settings/users/ '
02 Jul 2020 timeline
b'Showmax' disclosed a bug submitted by b'0x1_aulia' 
b'[stories.showmax.com] Cross Origin Misconfiguration - Sensitive Information Exposure'
01 Jul 2020 timeline
b'Twitter' disclosed a bug submitted by b'1735096419' 
b'??????????????'
01 Jul 2020 timeline
b'Slack' disclosed a bug submitted by b'mcsheehan' 
b'Tricking the "Create snippet" feature into displaying the wrong filetype can lead to RCE on Slack users'
30 Jun 2020 timeline
b'Starbucks' disclosed a bug submitted by b'm82a1' 
b'China - Open redirect at trackinghub.starbucks.com.cn'
30 Jun 2020 timeline
b'Starbucks' disclosed a bug submitted by b'cdl' 
b'Cross-Site Scripting (XSS) on www.starbucks.com | .co.uk login pages'
30 Jun 2020 timeline
b'Ubiquiti Inc.' disclosed a bug submitted by b'murmus' 
b'Local File Disclosure (+XSS+CSRF) in AirOS 6.2.0 devices'
30 Jun 2020 timeline
b'Ubiquiti Inc.' disclosed a bug submitted by b'murmus' 
b'RCE in AirOS 6.2.0 Devices with CSRF bypass'
30 Jun 2020 timeline
b'Razer' disclosed a bug submitted by b's3cr3tsdn' 
b'[api.easy2pay.co] SQL Injection at fortumo via TransID parameter [Bypassing Signature Validation????]'
30 Jun 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'what_web' 
b'[www.stripo.email] You can bypass the speed limit by changing the IP.'
30 Jun 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'x25s' 
b'SSRF in my.stripo.email'
30 Jun 2020 timeline
b'Maximum' disclosed a bug submitted by b'what_web' 
b'[www.werkenbijbakertilly.nl] Information Disclosure'
30 Jun 2020 timeline
b'Courier' disclosed a bug submitted by b'vaalici' 
b"disable test send feature if user's email address isn't verified"
30 Jun 2020 timeline
b'Helium' disclosed a bug submitted by b'chipped' 
b'Read-only user can delete higher privileged members using open DELETE /api/memberships/<membershipID> endpoint'
29 Jun 2020 timeline
b'Central Security Project' disclosed a bug submitted by b'longofo' 
b'OS Command Injection in Nexus Repository Manager 2.x -- Bypass for Nexus Repository Manage 2.14.15-01 Command Injection fix'
29 Jun 2020 timeline
b'NordVPN' disclosed a bug submitted by b'3viltwin' 
b'Misconfigured web directory allows to retrieve public proxy list'
29 Jun 2020 timeline
b'WordPress' disclosed a bug submitted by b'binit' 
b'Authenticated Stored Cross-site Scripting in bbPress'
29 Jun 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'rainbow_json' 
b'[account.mail.ru] XSS-?????????? ? ????? ???????????'
29 Jun 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'organdonor' 
b'MySQL username and password leaked on [2017.russianaicup.ru]'
29 Jun 2020 timeline
1 ... 315 316 317 318 319 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM