the unofficial HackerOne disclosure timeline.

X
b'MTN Group' disclosed a bug submitted by b'juni19' 
b'Upload directory of Mtn.ci'
05 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'nnez' 
b'Reflected XSS at http://promotion.molthailand.com/index.php via promotion_id parameter'
05 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'dakitu' 
b'IDOR allow access to payments data of any user'
05 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'grzegol' 
b'CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java'
04 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'grzegol' 
b'CodeQL query for finding CSRF vulnerabilities in Spring applications'
04 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'calderpwn' 
b'CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload '
04 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'jlleitschuh' 
b'Java (Maven): Use of insecure protocol to download/upload artifacts'
04 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'jlleitschuh' 
b'Netty HTTP Response Splitting (CRLF Injection) due to disabled header validation'
04 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'calderpwn' 
b'CodeQL query to detect insecure MaxLengthRequest values in ASP.NET applications'
04 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'calderpwn' 
b'CodeQL query to detect pages with validationRequest disabled'
04 Feb 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'calderpwn' 
b'Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET'
04 Feb 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'sicksec' 
b'Stored XSS in Review Section https://games.mail.ru/'
04 Feb 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'r0hack' 
b'Account TakeOver at my.33slona.ru'
04 Feb 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'mobius07' 
b'XSS ?? ????? https://warofdragons.my.games/.'
04 Feb 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'elmahdi' 
b'Blind XSS Stored On Admin Panel Through Name Parameter In [ https://technoatom.mail.ru/]'
04 Feb 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'yarbabin' 
b'[dobro.city-mobil.ru] ????????????? ?????????????? (?????? ? ?????? ??????????????)'
04 Feb 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'arman95' 
b'No Rate Limiting on /reset-password-request/ endpoint'
04 Feb 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'brain_o_cornnor' 
b'my.stripo.emai email verification bypassed and also create email templates'
04 Feb 2020 timeline
b'h1-415-ctf' disclosed a bug submitted by b'd1r3wolf' 
b'SSRF in a headless chrome with remote debugging leads to sensible information leak'
04 Feb 2020 timeline
b'Hyatt Hotels' disclosed a bug submitted by b'mikesbountyacct' 
b'Hyatt WeChat Secret, Baidu AK Secret, and mysql db credentials inadvertantly made publicly available'
04 Feb 2020 timeline
1 ... 362 363 364 365 366 ... 768
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM