Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'CS Money' disclosed a bug submitted by b'benjamin-mauss' 
b'Html injection on subscription email'
23 Jan 2024 timeline
b'Shopify' disclosed a bug submitted by b'callmed0_4' 
b'Staff without Manage Themes permissions can update themes'
23 Jan 2024 timeline
b'A.S. Watson Group ' disclosed a bug submitted by b'alp' 
b'PII Disclosure At `theperfumeshop.com/register/forOrder`'
23 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'cxshakal' 
b'curl HSTS long file name clears contents '
20 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'marshallofsound' 
b'ASAR Integrity bypass via filetype confusion'
20 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ranjit_p' 
b'Cookie headers are not cleared in cross-domain redirect in undici-fetch'
20 Jan 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'tniessen' 
b'Path traversal through path stored in Uint8Array in Node.js 20'
20 Jan 2024 timeline
b'Mozilla Critical Services' disclosed a bug submitted by b'0x90security' 
b'Remote code execution and exfiltration of secret tokens by poisoning the mozilla/fxa CI build cache'
20 Jan 2024 timeline
b'HackerOne' disclosed a bug submitted by b'aleklebio7' 
b'Some limited confidential information can still be accessed after a user exits a private program'
19 Jan 2024 timeline
b'Enjin' disclosed a bug submitted by b'alpernae' 
b'Weak Email Verification: Newly Registered Users Can Bypass Email Verification Step and Log In'
19 Jan 2024 timeline
b'Enjin' disclosed a bug submitted by b'alpernae' 
b'Revocation API Token by Bypassing The XSRF Token'
19 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Authentication bypass in Global Site Selector allows an attacker to log in as any user'
18 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Improper handling of request URLs in nextcloud/guests allows guest users to bypass app allowlist'
18 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Non-admin users can reset app allowlist to the default'
18 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'ryotak' 
b'Open redirect in user_saml via RelayState parameter'
18 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'hackit_bharat' 
b'Self XSS when sending HTML as a comment in the Deck app'
18 Jan 2024 timeline
b'LY Corporation' disclosed a bug submitted by b'mheranco' 
b'Reflected XSS on https://travel.line.me'
18 Jan 2024 timeline
b'Shopify' disclosed a bug submitted by b'boy_child_' 
b'Non-store owners can transfer Shopify-managed domain to another domain provider'
17 Jan 2024 timeline
b'Shopify' disclosed a bug submitted by b'archangel' 
b"[h1-2102] [Oberlo] Least privileged user can cancel account owner's subscription via POST on /payments/subscribe "
17 Jan 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'taise' 
b'Bruteforce protection in password verification can be bypassed'
17 Jan 2024 timeline
1 ... 39 40 41 42 43 ... 724
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM