Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
haxta4ok00: 49
jon_bottarini: 49
the unofficial HackerOne disclosure timeline.

Ruby on Rails disclosed a bug submitted by bjeanes
Specially constructed multi-part requests cause multi-second response times; vulnerable to DoS
05 Dec 2018

LocalTapiola disclosed a bug submitted by chihuahua
Reflected XSS of bbe-child-starter Theme via "value"-GET-parameter
05 Dec 2018

HackerOne disclosed a bug submitted by haxta4ok00
A user can bypass approval step in Hacker Publishing feature, allowing them to publish reports immediately
05 Dec 2018

GoCD disclosed a bug submitted by 4cad
Imperfect CSRF To Overwrite Server Config at /go/admin/restful/configuration/file/POST/xml
05 Dec 2018

Zendesk disclosed a bug submitted by hariharan21
Admin Macro Description Stored XSS
05 Dec 2018

HackerOne disclosed a bug submitted by npbhatter17
Notifications sent due to "Transfer report" functionality may be sent to users who are no longer authorized to see the report
04 Dec 2018

GitLab disclosed a bug submitted by 8ayac
Stored XSS in merge request pages
03 Dec 2018

GitLab disclosed a bug submitted by 8ayac
Unauthorized users may be able to view almost all informations related to Private projects.
03 Dec 2018

Zomato disclosed a bug submitted by sandeep_hodkasia
[www.zomato.com] Blind XSS in one of the Admin Dashboard
03 Dec 2018

Liberapay disclosed a bug submitted by emitrani
Github Oauth is tied to username at /edit/elsewhere instead of email
02 Dec 2018

HackerOne disclosed a bug submitted by japz
Revoking user session in https://hackerone.com/settings/sessions does not revoke the GraphQL query session
30 Nov 2018

Node.js third-party modules disclosed a bug submitted by asgerf
Prototype pollution attack in node.extend
30 Nov 2018

GoCD disclosed a bug submitted by kiraak-boy
Possible SSRF at URL Parameter while creating a new package repository
30 Nov 2018

GoCD disclosed a bug submitted by kiraak-boy
Cross Site Scripting
30 Nov 2018

GoCD disclosed a bug submitted by kiraak-boy
Reflected XSS
30 Nov 2018

GoCD disclosed a bug submitted by pradeepch99
XSS in http://localhost:8153/go/admin/config/server/update
30 Nov 2018

Node.js third-party modules disclosed a bug submitted by cris_semmle
Prototype Pollution Vulnerability in mpath Package
30 Nov 2018

Riot Games disclosed a bug submitted by haxta4ok00
test
30 Nov 2018

HackerOne disclosed a bug submitted by jobert
SQL injection in GraphQL endpoint through embedded_submission_form_uuid parameter
30 Nov 2018

HackerOne disclosed a bug submitted by jobert
Attacker can claim credentials for private program that has a published external program
29 Nov 2018

BY DENIS WERNER - @NOBBD -