Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 56
ooooooo_q: 50
jon_bottarini: 49
haxta4ok00: 48
The unofficial HackerOne disclosure timeline.
HackerOne disclosed a bug submitted by ahacker1: View Titles of Private Reports with pending email invitation (16 Jan 2024)
GitHub disclosed a bug submitted by imrerad: Invite tokens have Insufficient entropy in GHES Management Console (12 Jan 2024)
GitHub disclosed a bug submitted by inspector-ambitious: RC Between GitHub's Repo Transfer REST API and updateTeamsRepository GraphQL Mutation Results in Covert and Persistent Admin Access Retention (12 Jan 2024)
Mozilla Core Services disclosed a bug submitted by callmed0_4: Internal Blind Server-Side Request Forgery (SSRF) allows scanning internal ports (12 Jan 2024)
TikTok disclosed a bug submitted by ashrafabdelrazik: Reflected XSS On [https://www-useast1a.tiktok.com/ug/incentive/share/hd] (12 Jan 2024)
Mozilla Critical Services disclosed a bug submitted by francisconeves97: Exposure of account recovery hint by querying by user email (11 Jan 2024)
LinkedIn disclosed a bug submitted by find_me_here: Users can access exams in course without having to subscribe to PREMIUM (10 Jan 2024)
Nextcloud disclosed a bug submitted by maholli: Blind SSRF in Mail App (10 Jan 2024)
TikTok disclosed a bug submitted by ashrafabdelrazik: RXSS on TikTok endpoints (09 Jan 2024)
TikTok disclosed a bug submitted by ashrafabdelrazik: RXSS via region parameter (09 Jan 2024)
Internet Bug Bounty disclosed a bug submitted by 0xt4req: CVE-2023-49920: Apache Airflow: Missing CSRF protection on DAG/trigger (09 Jan 2024)
Hyperledger disclosed a bug submitted by yacovm: CVE-2023-46132 (08 Jan 2024)
GitHub disclosed a bug submitted by ahacker1: View Repo and Title of Any Private Check Run (08 Jan 2024)
GitHub disclosed a bug submitted by imrerad: GHES Management console EoP (editor to site admin) (08 Jan 2024)
Ruby disclosed a bug submitted by ooooooo_q: The taint flag is not propagated at JSON.parse (05 Jan 2024)
Mozilla Core Services disclosed a bug submitted by holybugx: Subdomain takeover on one of the subdomain under mozaws.net (04 Jan 2024)
Mozilla Core Services disclosed a bug submitted by holybugx: Subdomain takeover on one of the subdomain under mozaws.net (04 Jan 2024)
Mozilla Core Services disclosed a bug submitted by holybugx: Subdomain takeover on one of the subdomain under mozaws.net (04 Jan 2024)
Mozilla Core Services disclosed a bug submitted by holybugx: Subdomain takeover on one of the subdomain under mozaws.net (04 Jan 2024)
HackerOne disclosed a bug submitted by marvelmaniac: An attacker can submit a Pentest Opportunity and change the status of the opportunity from submitted to in_review or reviewed (04 Jan 2024)
BY DENIS WERNER - @NOBBD