Top10 publishers:
bobrov107 
sp1d3rs54 
bigbear_38 
jobert38 
guido37 Twitter
bl4de37 
isox36 
geeknik35 
4lemon35 
edio34 

the unofficial HackerOne disclosure timeline.

X
Minr.es disclosed a bug submitted by smilez_hapiez 
Session Cookie without Secure flag set
20 Apr 2014 timeline
wont-fix
Localize disclosed a bug submitted by daksh Twitter
Stored XSS
20 Apr 2014 timeline
Localize disclosed a bug submitted by smilez_hapiez 
Login page password-guessing attack
20 Apr 2014 timeline
Localize disclosed a bug submitted by smilez_hapiez 
Possible sensitive files
20 Apr 2014 timeline
Localize disclosed a bug submitted by daksh Twitter
Making groups in any project without permission
20 Apr 2014 timeline
Localize disclosed a bug submitted by daksh Twitter
Deleting groups in any project without permission
20 Apr 2014 timeline
HackerOne disclosed a bug submitted by javidhussain21 
Session Management
19 Apr 2014 timeline
HackerOne disclosed a bug submitted by satishb3 
Session not expired on logout
19 Apr 2014 timeline
HackerOne disclosed a bug submitted by mortes 
Flawed account creation process allows registration of usernames corresponding to existing file names
19 Apr 2014 timeline
HackerOne disclosed a bug submitted by niks Twitter
A password reset page does not properly validate the authenticity token at the server side.
19 Apr 2014 timeline
HackerOne disclosed a bug submitted by wcypierre 
Weird Bug - Ability to see partial of other user's notification
19 Apr 2014 timeline
OkCupid disclosed a bug submitted by rizimughal 
DOM based XSS in changing email address
19 Apr 2014 timeline
Minr.es disclosed a bug submitted by shahmeer_amir 
OPTIONS method enabled on webserver
19 Apr 2014 timeline
Localize disclosed a bug submitted by jackds 
HTML/Javascript possible in "Discussion" section of reviews
19 Apr 2014 timeline
Localize disclosed a bug submitted by jackds 
Assigning a non-existing role to user causes exception when opening project page
19 Apr 2014 timeline
Localize disclosed a bug submitted by ashesh 
Password type input with auto-complete enabled
19 Apr 2014 timeline
wont-fix
Localize disclosed a bug submitted by jeroldcamacho Twitter
CSRF in adding phrase.
19 Apr 2014 timeline
Localize disclosed a bug submitted by nahamsec Twitter
Full Path Disclosure
19 Apr 2014 timeline
Localize disclosed a bug submitted by siddiki Twitter
Full Path Disclosure (2)
19 Apr 2014 timeline
Localize disclosed a bug submitted by faisalahmed 
Full Path Disclosure (FPD) in www.localize.io
19 Apr 2014 timeline
1 ... 315 316 317 318 319 ... 325
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM