Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Uber disclosed a bug submitted by issam_rabhi 
Missing authorization checks leading to the exposure of ubernihao.com administrator accounts
15 Aug 2016 timeline
Uber disclosed a bug submitted by parth Twitter
[CRITICAL] -- Complete Account Takeover
15 Aug 2016 timeline
Slack disclosed a bug submitted by d0znpp 
Source code leakage through GIT web access at host '52.91.137.42'
15 Aug 2016 timeline
Dovecot disclosed a bug submitted by koolacac 
Outdated Apache Server in www.dovecot.fi is vulnerable to various attack.
15 Aug 2016 timeline
OLX disclosed a bug submitted by thezawad Twitter
Manipulating joinolx.com Job Vacancy alert subscription emails (HTML Injection / Script Injection)
15 Aug 2016 timeline
Gratipay disclosed a bug submitted by kuskumar 
csrf_token cookie don't have the flag "HttpOnly"
14 Aug 2016 timeline
Zomato disclosed a bug submitted by spam404 
XSS on zomato.com
14 Aug 2016 timeline
Gratipay disclosed a bug submitted by mmyamin 
bring grtp.co up to A grade on SSLLabs
13 Aug 2016 timeline
Instacart disclosed a bug submitted by introvertmac 
CSRF with redeem coupon request
13 Aug 2016 timeline
Veris disclosed a bug submitted by ak1t4 
Internal server error 500 at log.veris.in
13 Aug 2016 timeline
New Relic disclosed a bug submitted by praseudo Twitter
Login CSRF vulnerability
12 Aug 2016 timeline
New Relic disclosed a bug submitted by rahul_ch 
All Active user sessions should be destroyed when user change his password!
12 Aug 2016 timeline
concrete5 disclosed a bug submitted by khalidamin511 
CSRF Full Account Takeover
12 Aug 2016 timeline
Twitter disclosed a bug submitted by filedescriptor 
Bypassing callback_url validation on Digits
12 Aug 2016 timeline
Twitter disclosed a bug submitted by filedescriptor 
Bypassing Digits web authentication's host validation with HPP
12 Aug 2016 timeline
Uber disclosed a bug submitted by pooja_lodaya 
User Enumeration and Information Disclosure
12 Aug 2016 timeline
Uber disclosed a bug submitted by enmach 
Brute Force Amplification Attack
12 Aug 2016 timeline
Uber disclosed a bug submitted by ak1t4 
Content injection on 404 error page at faspex.uber.com
12 Aug 2016 timeline
Uber disclosed a bug submitted by orange 
CBC "cut and paste" attack may cause Open Redirect(even XSS)
12 Aug 2016 timeline
Uber disclosed a bug submitted by ddworken 
Enumeration of Invite Codes Allows for Estimating Number of Uber Riders
12 Aug 2016 timeline
1 ... 330 331 332 333 334 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM