Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Stellar.org' disclosed a bug submitted by b'hach3ro' 
b'Admin panel of https://www.stellar.org/wp-admin/'
23 Feb 2020 timeline
b'Maximum' disclosed a bug submitted by b'zeop' 
b'x-request-id header reflected in server response without sanitization'
22 Feb 2020 timeline
b'Automattic' disclosed a bug submitted by b'hacki3boy' 
b'Modify account details by exploiting clickjacking vulnerability on refer.wordpress.com'
22 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'kunal94' 
b'Periscope android app deeplink leads to CSRF in follow action'
21 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'nyuszika7h' 
b'iOS app crashed by specially crafted direct message reactions'
21 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'lorenznickel' 
b"Twitter Source Label allow 'mongolian vowel separator' U+180E (app name)"
21 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'jubabaghdad' 
b'Reflected XSS in twitterflightschool.com'
21 Feb 2020 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'"Bounties paid in the last 90 days" discloses the undisclosed bounty amount in program statistics'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'hexgold' 
b'Race condition (TOCTOU) in NordVPN can result in local privilege escalation'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'aplis' 
b'Email address is not validated, No Rate Limit and RCE On Forgot Password Page Of affiliates.nordvpn.com'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'kiriknik' 
b'Html Injection and Possible XSS in main nordvpn.com domain'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'hridoy-ahmed' 
b'Cross Origin Resource Sharing Misconfiguration | Lead to sensitive information'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'zaitunoil' 
b'Past payments using the Direct Debit method keep subscriptions active even if payments fail'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'hassancypher' 
b'Host header injection/redirection | signup and login page'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'shardulb_23' 
b'CORS Misconfiguration on nordvpn.com leading to Private Information Disclosure,Account takeover'
21 Feb 2020 timeline
b'RATELIMITED' disclosed a bug submitted by b'miguel_santareno' 
b'Cross Site Request Forgery in auth in https://auth.ratelimited.me/'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'x54xc3' 
b'nordvpn Linux Desktop executable application does not use pie / no ASLR'
21 Feb 2020 timeline
b'HackerOne' disclosed a bug submitted by b'msdian7' 
b'Email address of any user can be queried on Report Invitation GraphQL type when username is known'
20 Feb 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'zhutyra' 
b'SSRF - Image Sources in HTML Snippets - 727234 bypass'
20 Feb 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'zhutyra' 
b'Unchecked URL in attachment datasource'
20 Feb 2020 timeline
1 ... 327 328 329 330 331 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM