the unofficial HackerOne disclosure timeline.

X
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'Custom Field Attributes may be created and updated for customers with Custom Field Trial enabled'
05 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'logan5' 
b'SSRF in VCARD photo upload functionality'
05 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'logan5' 
b'SSRF in /appsuite/api/autoconfig '
05 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'logan5' 
b'SSRF - RSS feed, blacklist bypass (301 re-direct)'
05 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'logan5' 
b'SSRF - Blacklist bypass for mail account addition'
05 Jul 2019 timeline
b'VK.com' disclosed a bug submitted by b'povargek' 
b'??????? 2FA ?/??? ???????? access_token, ???? ?? ?????-???? ???? ?? ???????? ??????'
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b's1ck-sec' 
b'Stored XSS in Email attachment file name'
04 Jul 2019 timeline
b'Shopify' disclosed a bug submitted by b'pklfpklf' 
b'HTML injection in https://interviewing.shopify.com/index.php?candidate='
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'logan5' 
b'SSRF - RSS feed, blacklist bypass (IP Formatting)'
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'logan5' 
b'IDOR - setAttribute action of user object in API'
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'ranjit_p' 
b'IDOR to view other user folder name'
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'ranjit_p' 
b'IDOR allow to extract all registered email'
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'mishre' 
b'Adding external participants to unaccessible appointments'
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'mishre' 
b"[IDOR] Deleting other people's tasks"
04 Jul 2019 timeline
b'OX App Suite' disclosed a bug submitted by b'chihuahua' 
b'store xss in calendar via upload filename'
04 Jul 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'inkz' 
b'[domokeeper] Unintended Require'
04 Jul 2019 timeline
b'ZEIT' disclosed a bug submitted by b'morax' 
b'Access control bypass leads to domain information disclosure'
04 Jul 2019 timeline
b'GitLab' disclosed a bug submitted by b'yashrs' 
b'Attacker is able to access commit title and team member comments which are supposed to be private'
03 Jul 2019 timeline
b'Twitter' disclosed a bug submitted by b'protostar0' 
b'cookie injection allow dos attack to periscope.tv'
03 Jul 2019 timeline
b'Trint Ltd' disclosed a bug submitted by b'toannc123' 
b'IDOR to update folder name of other user'
03 Jul 2019 timeline
1 ... 420 421 422 423 424 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM