Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Visma Bug Bounty Program' disclosed a bug submitted by b'base_64' 
b'[IDOR]Ability to View/Delete/Edit (Forward to attachment archive) Email of other user if GUID is known.'
25 Mar 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'pain45' 
b'XSRF Token is Not being validated when sending emails test request which lead to CSRF attack using the flash file + 307 redirect technique'
25 Mar 2020 timeline
b'GitLab' disclosed a bug submitted by b'shaileshpratapwar' 
b'Email notification about login email changed is not received when using verified linked email address'
25 Mar 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'zhutyra' 
b'SSRF - Office Documents - Image URL'
25 Mar 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'pain45' 
b'Strored Xss on https://my.stripo.email/ ( multiple inputs)'
25 Mar 2020 timeline
b'LINE' disclosed a bug submitted by b'hahwul' 
b'SSRF on music.line.me through getXML.php'
25 Mar 2020 timeline
b'LINE' disclosed a bug submitted by b'zophi' 
b'DOM-based XSS on mobile.line.me'
25 Mar 2020 timeline
b'LINE' disclosed a bug submitted by b'ngalog' 
b'Able to Become Admin for Any LINE Official Account'
25 Mar 2020 timeline
b'HackerOne' disclosed a bug submitted by b'red_assassin' 
b'profile-picture name parameter with large value lead to DoS for other users and programs on the platform'
25 Mar 2020 timeline
b'Evernote' disclosed a bug submitted by b'ajdumanhug' 
b'One Click Code Execution via File'
24 Mar 2020 timeline
b'Razer' disclosed a bug submitted by b'nnez' 
b'https://zest.co.th/zestlinepay/checkproduct API endpoint suffers from Boolean-based SQL injection'
24 Mar 2020 timeline
b'Razer' disclosed a bug submitted by b'nnez' 
b"Improper access control on easytopup.in.th transaction page leads to user's information disclosure and may lead to account hijacking"
24 Mar 2020 timeline
b'Roblox' disclosed a bug submitted by b'jackb898' 
b'Subdomain Takeover at creatorforum.roblox.com'
24 Mar 2020 timeline
b'Roblox' disclosed a bug submitted by b'jackb898' 
b'Reflected XSS through multiple inputs in the issue collector on Jira'
24 Mar 2020 timeline
b'Qulture.Rocks' disclosed a bug submitted by b'julfikar' 
b'Server Name disclosure'
24 Mar 2020 timeline
b'NordVPN' disclosed a bug submitted by b'keshavkejriwal' 
b'Account deletion requests not entirely honoured. Misinformation even after seeking clarification from customer support.'
24 Mar 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'crownpeanut' 
b'Dynamic reflection class'
24 Mar 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'grzegol' 
b'CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java'
24 Mar 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'crownpeanut' 
b'XPath Injection query in java'
24 Mar 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'crownpeanut' 
b'CWE-094 ScriptEngine in java'
24 Mar 2020 timeline
1 ... 318 319 320 321 322 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM