Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Vimeo disclosed a bug submitted by esevece 
Stored XSS on vimeo.com and player.vimeo.com
30 Nov 2015 timeline
itBit Exchange disclosed a bug submitted by behroz Twitter
user-agent Content spoofing
28 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
No rate limit which leads to "Users information Disclosure" including verfification documents etc.
27 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
GA code not verified on the server side allows sending Verification Documents on behalf of another user
27 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
IDOR on remoing Share
27 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
The csrf token remains same after user logs in
26 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
Server responds with the server error logs on account creation
26 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
HTML injection in email sent by romit.io
26 Nov 2015 timeline
Romit disclosed a bug submitted by crab 
Potential for financial loss, negative Values for "Buy fee" and "Sell Fee"
26 Nov 2015 timeline
InVision disclosed a bug submitted by psychomantis Twitter
Reflective XSS in projects.invisionapp.com
23 Nov 2015 timeline
InVision disclosed a bug submitted by anik 
X-Frame-Options Header Not Set
23 Nov 2015 timeline
Twitter disclosed a bug submitted by filedescriptor 
XSS on OAuth authorize/authenticate endpoint
20 Nov 2015 timeline
Automattic disclosed a bug submitted by strukt Twitter
CSV Injection in polldaddy.com
20 Nov 2015 timeline
Shopify disclosed a bug submitted by brakhane 
An administrator without the 'Settings' permission is able to see payment gateways
18 Nov 2015 timeline
Shopify disclosed a bug submitted by rms 
Apps can access 'channels' beta api
18 Nov 2015 timeline
Shopify disclosed a bug submitted by zombiehelp54 Twitter
deleted staff member can add his amazon marketplace web services account to the store.
18 Nov 2015 timeline
DigitalSellz disclosed a bug submitted by s_p_q_r 
Own downloading link isn't properly checked in the email template
16 Nov 2015 timeline
Mail.Ru disclosed a bug submitted by aesteral 
XSS: https://light.mail.ru/compose, https://m.mail.ru/compose/[id]/reply ??? ?????? ?? ??????????? ??????? ?????????????? ??????
16 Nov 2015 timeline
Binary.com disclosed a bug submitted by gjavado 
Http Response Splitting - Validate link
15 Nov 2015 timeline
Twitter disclosed a bug submitted by sandeep100928 
Problem with OAuth
14 Nov 2015 timeline
1 ... 377 378 379 380 381 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM