the unofficial HackerOne disclosure timeline.

X
b'Open-Xchange' disclosed a bug submitted by b'catenacyber' 
b'Null pointer dereference in SMTP server function smtp_string_parse'
18 May 2020 timeline
b'Clario' disclosed a bug submitted by b'sec0ndw0lf' 
b'CORS Misconfiguration, could lead to disclosure of sensitive information (translate.kromtech.com)'
18 May 2020 timeline
b'InnoGames' disclosed a bug submitted by b'batee5a' 
b'Chaining Bugs: Leakage of CSRF token which leads to Stored XSS and Account Takeover (xs1.tribalwars.cash)'
18 May 2020 timeline
b'curl' disclosed a bug submitted by b'geeknik' 
b'Invalid write (or double free) triggers curl command line tool crash'
18 May 2020 timeline
b'InnoGames' disclosed a bug submitted by b'batee5a' 
b'Race condition in activating email resulting in infinite amount of diamonds received'
18 May 2020 timeline
b'Clario' disclosed a bug submitted by b'dilawer01' 
b'Multiple Links Vulnerable to Reflected xss'
17 May 2020 timeline
b'Clario' disclosed a bug submitted by b'dilawer01' 
b'Reflected xss'
17 May 2020 timeline
b'Clario' disclosed a bug submitted by b'dilawer01' 
b'Reflected xss on mackeeper.com'
17 May 2020 timeline
b'Clario' disclosed a bug submitted by b'dilawer01' 
b'open redirect at https://account.mackeeper.com/auth/signin/continue via improper uri sanitization'
17 May 2020 timeline
b'MTN Group' disclosed a bug submitted by b'miguel_santareno' 
b'SharePoint exposed web services in a subdomain'
16 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'p4fg' 
b'404-response contains debug-information with all headers'
16 May 2020 timeline
b'ok.ru' disclosed a bug submitted by b'iframe' 
b'?????????? CSRF ????? ?? ??????? ???????? ???????.'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'amans' 
b'Subdomain takeover of resources.hackerone.com'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Customer private program can disclose email any users through invited via username'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Changes to data in a CVE request after draft via GraphQL query'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Rounding errors on rewarding a bounty leads to bypassing the 20% H1 commission fee'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'A team member of the program with Report rights can ban the Admin'
15 May 2020 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Mismatch between frontend and backend validation via `ban_researcher` leads to H1 support and hackers email spam'
15 May 2020 timeline
b'GitLab' disclosed a bug submitted by b'gregxsunday' 
b'No redirect_uri in the db for web-internal clientKey leads to one-click DoS on gitter.im'
15 May 2020 timeline
b'Phabricator' disclosed a bug submitted by b'codeprivate' 
b'SSRF in notifications.server configuration'
15 May 2020 timeline
1 ... 329 330 331 332 333 ... 764
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM