the unofficial HackerOne disclosure timeline.

X
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Disclosure of the name of a program that has a private part with an external link'
22 May 2020 timeline
b'Glassdoor' disclosed a bug submitted by b'parzel' 
b'Reflected XSS on https://www.glassdoor.com/employers/sem-dual-lp/'
22 May 2020 timeline
b'NordVPN' disclosed a bug submitted by b'r3ggi-on-h1' 
b'Vulnerabilities chain leading to privilege escalation'
22 May 2020 timeline
b'DigitalOcean' disclosed a bug submitted by b'adiosmf' 
b'Unauthorized access to https://shipit.analogpond.com/'
22 May 2020 timeline
b'NordVPN' disclosed a bug submitted by b'martinbydefault' 
b'User data not anonymized is sent to analytics server'
22 May 2020 timeline
b'WordPress' disclosed a bug submitted by b'hoangkien1020' 
b"Improper Access Control in Buddypress core allows reply,delete any user's activity"
22 May 2020 timeline
b'WordPress' disclosed a bug submitted by b'hoangkien1020' 
b'Allow authenticated users can edit, trash,and add new in BuddyPress Emails function'
22 May 2020 timeline
b'WordPress' disclosed a bug submitted by b'hoangkien1020' 
b'CSRF in Profile Fields allows deleting any field in BuddyPress'
22 May 2020 timeline
b'WordPress' disclosed a bug submitted by b'hoangkien1020' 
b'Privilege Escalation in BuddyPress core allows Moderate to Administrator '
22 May 2020 timeline
b'Alibaba BBP' disclosed a bug submitted by b'testert1ng' 
b'SSRF / Arbitrary File Read on Alibaba Cloud Academy'
21 May 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'mayaseven' 
b'Pixel flood attack cause the javascript heap out of memory'
21 May 2020 timeline
b'Top Echelon Software' disclosed a bug submitted by b'darkshadow1733' 
b'able to login into login.topechelon.com'
20 May 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'mnordhoff' 
b'Recursor accepts unsigned, empty NXDOMAINs in secure zones'
20 May 2020 timeline
b'Visma Public' disclosed a bug submitted by b'm0chan' 
b'Arbitrary File Upload to Stored XSS'
20 May 2020 timeline
b'PayPal' disclosed a bug submitted by b'linkks' 
b'Reflected XSS at https://www.paypal.com/ppcreditapply/da/us'
19 May 2020 timeline
b'Starbucks' disclosed a bug submitted by b'nnez' 
b'Thailand - IDOR on www.starbuckscardth.in.th: A logged in user could view any Thailand Starbucks card balance if they knew that Starbucks card number'
19 May 2020 timeline
b'LINE' disclosed a bug submitted by b'shaolin_tw' 
b'Request smuggling on admin-official.line.me could lead to account takeover'
19 May 2020 timeline
b'Ruby on Rails' disclosed a bug submitted by b'travispew' 
b'ActiveStorage direct upload fails to sign content-length header for S3 service'
18 May 2020 timeline
b'Ruby on Rails' disclosed a bug submitted by b'abuisman' 
b'ActionController::Parameters .each returns an unsafe hash'
18 May 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'catenacyber' 
b'Use after free in smtp_server_connection_handle_command'
18 May 2020 timeline
1 ... 328 329 330 331 332 ... 764
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM