Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs62 
jobert57 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
haxta4ok0037 

the unofficial HackerOne disclosure timeline.

X
Twitter disclosed a bug submitted by vineet 
Captcha bypass with extension at http://www.mopub.com/about/contact/
22 Sep 2014 timeline
wont-fix
Square disclosed a bug submitted by pranav_hivarekar Twitter
CSRF login
21 Sep 2014 timeline
wont-fix
concrete5 disclosed a bug submitted by robin 
broken authentication
21 Sep 2014 timeline
Phabricator disclosed a bug submitted by shahmeer_amir 
Content Spoofing through URL
20 Sep 2014 timeline
wont-fix
Mail.Ru disclosed a bug submitted by vineet 
(m.mail.ru) Password type input with auto-complete enabled
19 Sep 2014 timeline
wont-fix
Mavenlink disclosed a bug submitted by vineet 
Clickjacking & CSRF attack can be done at https://app.mavenlink.com/login
19 Sep 2014 timeline
Mavenlink disclosed a bug submitted by vineet 
Clickjacking at https://www.mavenlink.com/ main website
19 Sep 2014 timeline
Detectify disclosed a bug submitted by mohdhaji87 
Password reset link not validated.
19 Sep 2014 timeline
CloudFlare disclosed a bug submitted by mohdhaji87 
User can request for password reset link without giving his website, eventhough he have it
19 Sep 2014 timeline
wont-fix
CloudFlare disclosed a bug submitted by jpsecurityresearch 
Apache mod_negotiation filename bruteforcing
19 Sep 2014 timeline
wont-fix
WePay disclosed a bug submitted by pranav_hivarekar Twitter
CSRF (Make email primary) may lead to account compromise
19 Sep 2014 timeline
The Internet disclosed a bug submitted by kaeso 
Multiple issues in looking-glass software (aka from web to BGP injections)
17 Sep 2014 timeline
Phabricator disclosed a bug submitted by sehacure Twitter
Open redirection on secure.phabricator.com
17 Sep 2014 timeline
Mail.Ru disclosed a bug submitted by bigbear 
Reflected XSS in User-Agent
16 Sep 2014 timeline
Khan Academy disclosed a bug submitted by bigbear 
Suffix of url-path is vulnerable to XSS-attack
16 Sep 2014 timeline
Detectify disclosed a bug submitted by shahmeer_amir 
Cookie manipulation does not log attacker out of the session
16 Sep 2014 timeline
wont-fix
Mail.Ru disclosed a bug submitted by bigbear 
SQL Injection on 11x11.mail.ru
16 Sep 2014 timeline
RelateIQ disclosed a bug submitted by shahmeer_amir 
Resubmitted with POC #18685 Password reset CSRF
16 Sep 2014 timeline
Automattic disclosed a bug submitted by pranav_hivarekar Twitter
User Enumeration and Guessable User Account Attack on WORDPRESS
13 Sep 2014 timeline
wont-fix
Mail.Ru disclosed a bug submitted by vah13 
SQL inj
12 Sep 2014 timeline
1 ... 403 404 405 406 407 ... 434
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM