the unofficial HackerOne disclosure timeline.

X
b'NordVPN' disclosed a bug submitted by b'mase289' 
b'Blind SSRF on debug.nordvpn.com due to misconfigured sentry instance'
24 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'enixium' 
b'Password Reset Link Works Multiple Times'
24 Feb 2020 timeline
b'ForeScout Technologies' disclosed a bug submitted by b'a_constant' 
b'HTML Injection & Content Spoofing'
24 Feb 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'kelotex' 
b'Several simple remote code execution in pdf-image'
24 Feb 2020 timeline
b'Valve' disclosed a bug submitted by b'splatt581' 
b'Malformed save files (.sav) allow to write files with arbitrary extensions and content in GoldSrc-based games.'
24 Feb 2020 timeline
b'Topcoder' disclosed a bug submitted by b'0x496' 
b'Cross Site Scripting via CVE-2018-5230 on https://apps.topcoder.com'
24 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'martinbydefault' 
b'Connection informaton is sent to a third-party service'
23 Feb 2020 timeline
b'Stellar.org' disclosed a bug submitted by b'suvrat7' 
b'Bypassing Verify Humans Page'
23 Feb 2020 timeline
b'Stellar.org' disclosed a bug submitted by b'ramakanthk35' 
b'Direct URL access to PDF files'
23 Feb 2020 timeline
b'Stellar.org' disclosed a bug submitted by b'vyshnav_nk' 
b'xss'
23 Feb 2020 timeline
b'Stellar.org' disclosed a bug submitted by b'abo-jehad' 
b'brute force attack allowed on admin page https://www.stellar.org/wp-admin/'
23 Feb 2020 timeline
b'Stellar.org' disclosed a bug submitted by b'hach3ro' 
b'Admin panel of https://www.stellar.org/wp-admin/'
23 Feb 2020 timeline
b'Maximum' disclosed a bug submitted by b'zeop' 
b'x-request-id header reflected in server response without sanitization'
22 Feb 2020 timeline
b'Automattic' disclosed a bug submitted by b'hacki3boy' 
b'Modify account details by exploiting clickjacking vulnerability on refer.wordpress.com'
22 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'kunal94' 
b'Periscope android app deeplink leads to CSRF in follow action'
21 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'nyuszika7h' 
b'iOS app crashed by specially crafted direct message reactions'
21 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'lorenznickel' 
b"Twitter Source Label allow 'mongolian vowel separator' U+180E (app name)"
21 Feb 2020 timeline
b'Twitter' disclosed a bug submitted by b'jubabaghdad' 
b'Reflected XSS in twitterflightschool.com'
21 Feb 2020 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'"Bounties paid in the last 90 days" discloses the undisclosed bounty amount in program statistics'
21 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'hexgold' 
b'Race condition (TOCTOU) in NordVPN can result in local privilege escalation'
21 Feb 2020 timeline
1 ... 354 355 356 357 358 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM