the unofficial HackerOne disclosure timeline.

X
b'Slack' disclosed a bug submitted by b'hanno' 
b'Invitation reminder emails contain insecure links'
29 Jun 2019 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Disclosing a private program in an external link if program is paused'
28 Jun 2019 timeline
b'Omise' disclosed a bug submitted by b'honoki' 
b'SSRF in webhooks leads to AWS private keys disclosure'
28 Jun 2019 timeline
b'Shopify' disclosed a bug submitted by b'mosuan' 
b'Stored XSS in Discounts section'
27 Jun 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'frr' 
b'Expired reshare links allow access to all files in share'
27 Jun 2019 timeline
b'TomTom' disclosed a bug submitted by b'vijay922' 
b'Apache mod_status /server-status Information Disclosure'
27 Jun 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'sjw' 
b'Stored XSS/HTML injection in autocomplete suggestions for sharing'
27 Jun 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'fancycode' 
b'Uploading large avatar images cause excessive CPU usage'
27 Jun 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'nickvergessen' 
b'Private/confidential setting of calendar events is ignored on activity stream'
27 Jun 2019 timeline
b'Homebrew' disclosed a bug submitted by b'hi_ztz' 
b'Homebrew privilege escalation vulnerability'
27 Jun 2019 timeline
b'HackerOne' disclosed a bug submitted by b'metnew' 
b'Team member with Program permission only can escalate to Admin permission'
26 Jun 2019 timeline
b'OLX' disclosed a bug submitted by b'codeslayer137' 
b'SQL Injection https://www.olx.co.id'
26 Jun 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'mru1' 
b' Predictable Random Number Generator'
26 Jun 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'doragon' 
b'Retrieval and alteration of exposed media on Android Oreo '
26 Jun 2019 timeline
b'Cuvva' disclosed a bug submitted by b'badcracker' 
b'Unclaimed facebook page at www.cuvva.com/about'
25 Jun 2019 timeline
b'Upserve ' disclosed a bug submitted by b'gamer7112' 
b'DOM Based XSS via postMessage at https://inventory.upserve.com/login/'
25 Jun 2019 timeline
b'Mail.ru' disclosed a bug submitted by b's_p_q_r' 
b'[e.mail.ru] XSS ? ??????'
25 Jun 2019 timeline
b'SEMrush' disclosed a bug submitted by b'fransrosen' 
b'Remote Code Execution on www.semrush.com/my_reports on Logo upload'
24 Jun 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'toannc123' 
b'[serve-here.js] List any file in the folder by using path traversal.'
24 Jun 2019 timeline
b'Tube8' disclosed a bug submitted by b'tony_tsep' 
b'SSRF and local file disclosure by video upload on https://www.tube8.com/'
24 Jun 2019 timeline
1 ... 422 423 424 425 426 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM