the unofficial HackerOne disclosure timeline.

X
b'GitLab' disclosed a bug submitted by b'rijalrojan' 
b'Full access to internal Gitlab instances at redash.gitlab.com, dashboards.gitlab.com, prometheus.gitlab.com'
19 Apr 2019 timeline
b'Shopify' disclosed a bug submitted by b'filedescriptor' 
b'H1514 DOMXSS on Embedded SDK via Shopify.API.setWindowLocation abusing cookie Stuffing'
17 Apr 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'foobar7' 
b'Talk / spreed: Disclosure of Room names and participants for password protected rooms'
17 Apr 2019 timeline
b'Central Security Project' disclosed a bug submitted by b'amassey' 
b'c3p0 may be exploited by a Billion Laughs Attack when loading XML configuration'
16 Apr 2019 timeline
b'Zomato' disclosed a bug submitted by b'pasw' 
b'[api.zomato.com] Able to manipulate order amount'
16 Apr 2019 timeline
b'Zomato' disclosed a bug submitted by b'vipinbihari' 
b'Bypassing the SMS sending limit for download app link.'
16 Apr 2019 timeline
b'Zomato' disclosed a bug submitted by b'vipinbihari' 
b'Sending Unlimited Emails to anyone from zomato mail server.'
16 Apr 2019 timeline
b'Razer US' disclosed a bug submitted by b'abdilahrf_' 
b'Jenkins instance exposed without authentication'
15 Apr 2019 timeline
b'Lob' disclosed a bug submitted by b'ghostin' 
b'Discloser of Internal Ip address'
15 Apr 2019 timeline
b'Ed' disclosed a bug submitted by b'drstache' 
b'securitytemplate.site domain hijack'
15 Apr 2019 timeline
b'Automattic' disclosed a bug submitted by b'bugraeskici' 
b'No Rate Limit on CrowdSignal Polls when Adding Comment'
13 Apr 2019 timeline
b'GitLab' disclosed a bug submitted by b'plazmaz' 
b'SSRF in CI after first run'
12 Apr 2019 timeline
b'HackerOne' disclosed a bug submitted by b'kusl' 
b'Previous attachments can be referenced when creating a new report'
12 Apr 2019 timeline
b'SEMrush' disclosed a bug submitted by b'memon' 
b'Web cache deception attack - expose earning state information'
12 Apr 2019 timeline
b'SEMrush' disclosed a bug submitted by b'b3f53dc9b2061f7df0c2ffd' 
b'Ports are not shown in third-party site redirect warning page.'
12 Apr 2019 timeline
b'OLX' disclosed a bug submitted by b'codelatteid' 
b'XSS inside HTML Link Tag'
12 Apr 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'rohit_coder' 
b'NextCloud is also Accepting OCTET-STREAM Type of Documents instead of jpg or Imge Files Only'
11 Apr 2019 timeline
b'HackerOne' disclosed a bug submitted by b'jaimaakali' 
b'Missing Certificate Authority Authorization rule'
11 Apr 2019 timeline
b'HackerOne' disclosed a bug submitted by b'rohitdua' 
b'Missing rate limit on critical user actions e.g. reset password, change email, disable account.'
11 Apr 2019 timeline
b'HackerOne' disclosed a bug submitted by b'whhackersbr' 
b'HackerOne Integrations Design Issue'
11 Apr 2019 timeline
1 ... 432 433 434 435 436 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM