Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Starbucks' disclosed a bug submitted by b'k3mlol' 
b'China - president-starbucks.com.cn DNS configuration reported as takeover'
17 Mar 2020 timeline
b'Starbucks' disclosed a bug submitted by b'e4366eolywrgpidfbio' 
b'Minimal information disclosure of internal asset names and links which were not publicly accessible.'
17 Mar 2020 timeline
b'Starbucks' disclosed a bug submitted by b'jackb898' 
b'athome.starbucks.com - URL parameter tampering of review forms permitted possible content injection'
17 Mar 2020 timeline
b'Starbucks' disclosed a bug submitted by b'gamer7112' 
b'DOM XSS on app.starbucks.com via ReturnUrl'
17 Mar 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'circuit' 
b'[https://seosan.io] Account owner disclosure'
16 Mar 2020 timeline
b'Shopify' disclosed a bug submitted by b'mosuan' 
b'Timeline Editor Self-XSS (Previous Fix #738072 Incomplete)'
16 Mar 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'visat' 
b'[htmr] DOM-based XSS'
15 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'foobar7' 
b'SSRF protection bypass'
14 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'teaport' 
b'Only the file extensions are checked, not the MIME types as configured'
14 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'beched' 
b'Docker image with FPM is vulnerable to CVE-2019-11043'
14 Mar 2020 timeline
b'Khan Academy' disclosed a bug submitted by b'jamesconnor' 
b'Information can be changed without a password'
14 Mar 2020 timeline
b'Twitter' disclosed a bug submitted by b'safehacker_27' 
b'Accepting error message on twitter sends you to attacker site'
13 Mar 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'hackervision' 
b'Brute-force any email account through allods.mail.ru '
13 Mar 2020 timeline
b'Ping Identity' disclosed a bug submitted by b'jackb898' 
b'Internal Hostname disclosure from multiple Apache servers via blank host header method'
12 Mar 2020 timeline
b'Twitter' disclosed a bug submitted by b'meepmerp' 
b'lack of input validation that can lead Denial of Service (DOS)'
12 Mar 2020 timeline
b'TTS Bug Bounty' disclosed a bug submitted by b'nathand' 
b'Cache poisoning DoS to various TTS assets'
12 Mar 2020 timeline
b'BCM Messenger' disclosed a bug submitted by b'namunah' 
b'Account Takeover with old password and login QR'
12 Mar 2020 timeline
b'Revive Adserver' disclosed a bug submitted by b'hoangn144' 
b'bypass old password with array in /admin/account-user-email.php'
12 Mar 2020 timeline
b'Revive Adserver' disclosed a bug submitted by b'hoangn144' 
b'Open redirection bypass in /www/admin/campaign-modify.php'
12 Mar 2020 timeline
b'HackerOne' disclosed a bug submitted by b'tolo7010' 
b'Disabled account can still use GraphQL endpoint'
12 Mar 2020 timeline
1 ... 320 321 322 323 324 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM