Top10 publishers:
bobrov107 
linkks60 
sp1d3rs56 
jobert46 
guido41 Twitter
bl4de39 
bigbear_38 
isox36 
geeknik35 
4lemon35 

the unofficial HackerOne disclosure timeline.

X
concrete5 disclosed a bug submitted by robin 
broken authentication
21 Sep 2014 timeline
Phabricator disclosed a bug submitted by shahmeer_amir 
Content Spoofing through URL
20 Sep 2014 timeline
wont-fix
Mail.Ru disclosed a bug submitted by vineet 
(m.mail.ru) Password type input with auto-complete enabled
19 Sep 2014 timeline
wont-fix
Mavenlink disclosed a bug submitted by vineet 
Clickjacking & CSRF attack can be done at https://app.mavenlink.com/login
19 Sep 2014 timeline
Mavenlink disclosed a bug submitted by vineet 
Clickjacking at https://www.mavenlink.com/ main website
19 Sep 2014 timeline
Detectify disclosed a bug submitted by mohdhaji87 
Password reset link not validated.
19 Sep 2014 timeline
CloudFlare disclosed a bug submitted by mohdhaji87 
User can request for password reset link without giving his website, eventhough he have it
19 Sep 2014 timeline
wont-fix
CloudFlare disclosed a bug submitted by jpsecurityresearch 
Apache mod_negotiation filename bruteforcing
19 Sep 2014 timeline
wont-fix
WePay disclosed a bug submitted by pranav_hivarekar Twitter
CSRF (Make email primary) may lead to account compromise
19 Sep 2014 timeline
The Internet disclosed a bug submitted by kaeso 
Multiple issues in looking-glass software (aka from web to BGP injections)
17 Sep 2014 timeline
Phabricator disclosed a bug submitted by sehacure Twitter
Open redirection on secure.phabricator.com
17 Sep 2014 timeline
Mail.Ru disclosed a bug submitted by bigbear 
Reflected XSS in User-Agent
16 Sep 2014 timeline
Khan Academy disclosed a bug submitted by bigbear 
Suffix of url-path is vulnerable to XSS-attack
16 Sep 2014 timeline
Detectify disclosed a bug submitted by shahmeer_amir 
Cookie manipulation does not log attacker out of the session
16 Sep 2014 timeline
wont-fix
Mail.Ru disclosed a bug submitted by bigbear 
SQL Injection on 11x11.mail.ru
16 Sep 2014 timeline
RelateIQ disclosed a bug submitted by shahmeer_amir 
Resubmitted with POC #18685 Password reset CSRF
16 Sep 2014 timeline
Automattic disclosed a bug submitted by pranav_hivarekar Twitter
User Enumeration and Guessable User Account Attack on WORDPRESS
13 Sep 2014 timeline
wont-fix
Mail.Ru disclosed a bug submitted by vah13 
SQL inj
12 Sep 2014 timeline
HackerOne disclosed a bug submitted by thetime 
Redirect while opening links in new tabs
12 Sep 2014 timeline
Phabricator disclosed a bug submitted by djadmin Twitter
Content spoofing
11 Sep 2014 timeline
wont-fix
1 ... 319 320 321 322 323 ... 350
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM