Top10 publishers:
b'bobrov'117 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'sp1d3rs'68 
b'someonenobbd'62 
b'nyymi'55 
b'jon_bottarini'49 
b'haxta4ok00'48 
b'netfuzzer'48 

the unofficial HackerOne disclosure timeline.

X
b'RATELIMITED' disclosed a bug submitted by b'hach3ro' 
b'HTTP PUT method enabled'
11 Dec 2018 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Inline banner on Report page discloses whether organization runs a private program'
11 Dec 2018 timeline
b'RubyGems' disclosed a bug submitted by b'plover' 
b'DNS SRV lookup of file:// sources enables local hijacking of gems'
11 Dec 2018 timeline
b'RATELIMITED' disclosed a bug submitted by b'emitrani' 
b'HTTP PUT method enabled'
11 Dec 2018 timeline
b'Twitter' disclosed a bug submitted by b'nahoragg' 
b'CORS misconfig | Account Takeover'
10 Dec 2018 timeline
b'RubyGems' disclosed a bug submitted by b'mrunal' 
b'Cross-Domain JavaScript Source File Inclusion '
10 Dec 2018 timeline
b'QIWI' disclosed a bug submitted by b'igorpyan' 
b'??????????? ??????????? ?? ????? qiwi.com ?? ????? ????? ????????'
10 Dec 2018 timeline
b'MariaDB' disclosed a bug submitted by b'c0rv4x' 
b'Github wiki is editable by anyone'
10 Dec 2018 timeline
b'RubyGems' disclosed a bug submitted by b'claudijd' 
b'Request Hijacking Vulnerability in RubyGems 2.6.13 and earlier'
08 Dec 2018 timeline
b'RubyGems' disclosed a bug submitted by b'ooooooo_q' 
b'65534 times efficient, Brute-force attack for api_key'
08 Dec 2018 timeline
b'OLX' disclosed a bug submitted by b'secpentester1337' 
b'XSS Reflected at SEARCH >>'
08 Dec 2018 timeline
b'Khan Academy' disclosed a bug submitted by b'sarmadkhan' 
b'Cross site scripting (content-sniffing)'
08 Dec 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'c0rv4x' 
b'Github wikis are editable by anyone '
07 Dec 2018 timeline
b'Phabricator' disclosed a bug submitted by b'insufficiententropy' 
b'TOTP Key is shorter than RFC 4226 recommended minimum'
07 Dec 2018 timeline
b'SEMrush' disclosed a bug submitted by b'jimgogogo' 
b"Stored XSS in '' Section and WAF Bypass"
07 Dec 2018 timeline
b'SEMrush' disclosed a bug submitted by b'ankit_singh' 
b'Open Redirect'
07 Dec 2018 timeline
b'Twitter' disclosed a bug submitted by b'csanuragjain' 
b'Global defaming of any twitter user'
06 Dec 2018 timeline
b'Shopify' disclosed a bug submitted by b'vijay_kumar1110' 
b'Read access to hidden orders,products,customers etc. by limited access Staff member through reference page in Comments (Information disclosure )'
06 Dec 2018 timeline
b'Avito' disclosed a bug submitted by b'lincoln9932' 
b'reflected XSS avito.ru'
06 Dec 2018 timeline
b'Discourse' disclosed a bug submitted by b'avinash_' 
b'Account takeover at https://try.discourse.org due to no CSRF protection in connecting Yahoo account'
06 Dec 2018 timeline
1 ... 375 376 377 378 379 ... 692
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM