the unofficial HackerOne disclosure timeline.

X
b'Nextcloud' disclosed a bug submitted by b'pal434' 
b'Missing X-Content-Type-Options '
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'5b66c571' 
b'Stored XSS on scan.nextcloud.com'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'alpertecimer' 
b'Missing SPF flags for customerupdates.nextcloud.com'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'maksemuz' 
b'Event privacy level does not work in Thunderbird'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'hassanmahmoud' 
b'WordPress vulnerable to multiple attacks at https://nextcloud.com'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'phil-davis' 
b'User with read-only access to a share can gain write access to sub-folders in the share'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'jaimaakali' 
b'xmlrpc.php is enabled - Nextcloud'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'nstikhomirov' 
b'[Reflected XSS] In Request URL'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'foobar7' 
b'Persistent XSS via filename in projects'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'foobar7' 
b'Talk - Leak of password-protected room name via already existent resource addition'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'christophwurst' 
b'Bypass configured 2FA provider with another provider that can be set up at login'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'michag86' 
b'Circle email-members have still access to a shared folder/file after they are removed from the circle'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'jannikg' 
b'Username and Access Token Disclousure'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'icewind1991' 
b'(Authenticated) RCE by bypassing of the .htaccess blacklist'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'hassanmahmoud' 
b'Password authentication at newsletter.nextcloud.com discloses username list'
01 Mar 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'l0l1ch3ng' 
b'SSRF on local storage of iOS mobile'
01 Mar 2020 timeline
b'GlobaLeaks' disclosed a bug submitted by b'iqzer0' 
b'Since no defined tries for incorrect answer, an attacker can brute the answers and post a submission'
01 Mar 2020 timeline
b'RATELIMITED' disclosed a bug submitted by b'mazmur' 
b'Information Disclosure PHPpgAdmin'
29 Feb 2020 timeline
b'Greenhouse.io' disclosed a bug submitted by b'ajxchapman' 
b'Debug information disclosure on oauth-redirector.services.greenhouse.io'
29 Feb 2020 timeline
b'FormAssembly' disclosed a bug submitted by b'badis' 
b'scripts loader DOS vulnerability'
29 Feb 2020 timeline
1 ... 355 356 357 358 359 ... 768
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM