the unofficial HackerOne disclosure timeline.

X
b'Yelp' disclosed a bug submitted by b'bellpwn' 
b'Multiple Vulnerabilities in (*.blog.yelp.com) - Leakage user admin Sensitive Exposure'
29 Jan 2020 timeline
b'Starbucks' disclosed a bug submitted by b'zude' 
b"Account take over of 'light' starbuckscardb2b users"
29 Jan 2020 timeline
b'Starbucks' disclosed a bug submitted by b'laszaro' 
b'WAF bypass via double encoded non standard ASCII chars permitted a reflected XSS on response page not found pages - (629745 bypass)'
29 Jan 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'johnssimon007' 
b'[deliver-or-else] Path Traversal'
29 Jan 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'johnssimon007' 
b'[md-fileserver] Path Traversal'
29 Jan 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'johnssimon007' 
b'[file-browser] Inadequate Output Encoding and Escaping '
29 Jan 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'orlserg' 
b'Account takeover via CORS misconfigutation on https://beta.delivery-club.ru'
29 Jan 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'johndoe1492' 
b'SSRF in clients.city-mobil.ru'
29 Jan 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'kiriknik' 
b'Blind SQL Injection in city-mobil.ru domain'
29 Jan 2020 timeline
b'Starbucks' disclosed a bug submitted by b'neweq' 
b'China - ecjobsdc.starbucks.com.cn html/shtml file upload vulnerability'
29 Jan 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'princechaddha' 
b'Denial Of Service in Strapi Framework using argument injection'
28 Jan 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'checkm50' 
b'Information disclosure through Server side resource forgery'
28 Jan 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'aaron_costello' 
b'Prototype pollution in dot-prop'
28 Jan 2020 timeline
b'New Relic' disclosed a bug submitted by b'masterhackor' 
b'Host Header Injection'
27 Jan 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ronperris' 
b'[url-parse] Improper Validation and Sanitization'
27 Jan 2020 timeline
b'Reverb.com' disclosed a bug submitted by b'muon4' 
b'Race Condition allows to redeem multiple times gift cards which leads to free "money"'
25 Jan 2020 timeline
b'RATELIMITED' disclosed a bug submitted by b'amarbalosh' 
b'xss in /users/[id]/set_tier endpoint'
25 Jan 2020 timeline
b'Flickr' disclosed a bug submitted by b'asad0x01_' 
b'Arbitrary file read via ffmpeg HLS parser at https://www.flickr.com/photos/upload'
25 Jan 2020 timeline
b'Keybase' disclosed a bug submitted by b'u3mur4' 
b'macOS privilege escalation'
24 Jan 2020 timeline
b'Keybase' disclosed a bug submitted by b'u3mur4' 
b'From nobody to somebody'
24 Jan 2020 timeline
1 ... 363 364 365 366 367 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM