the unofficial HackerOne disclosure timeline.

X
b'Shopify' disclosed a bug submitted by b'ruvlol' 
b'Reverse Proxy misroute leading to steal X-Shopify-Access-Token header'
14 Mar 2019 timeline
b'Unikrn' disclosed a bug submitted by b'v4lid0l' 
b'????????? on CRM server without authorization'
14 Mar 2019 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'RCE which may occur due to `ActiveSupport::MessageVerifier` or `ActiveSupport::MessageEncryptor` (especially Active storage)'
13 Mar 2019 timeline
b'Vanilla' disclosed a bug submitted by b'mr_me' 
b'Vanilla Forums AddonManager getSingleIndex Directory Traversal File Inclusion Remote Code Execution Vulnerability'
13 Mar 2019 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'0x09al' 
b'Privilege Escalation by abusing non-existent path. (Windows)'
13 Mar 2019 timeline
b'Shopify' disclosed a bug submitted by b'ishahriyar' 
b'Reflected XSS in *.myshopify.com/account/register'
12 Mar 2019 timeline
b'Redtube' disclosed a bug submitted by b'jtjisgod' 
b'Reflect XSS on Mobile Search page '
11 Mar 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'eremeev' 
b'[api.pandao.ru] IDOR ????????? ???????? ????? ?????? ????????????'
11 Mar 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'xalerafera' 
b'CSRF ?? ???? ? ?????? (Pandao)'
11 Mar 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'xalerafera' 
b'CSRF ??? ????? ????????? ?? Pandao'
11 Mar 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'xalerafera' 
b'CSRF ?? ???????? ?????? ?? ???????'
11 Mar 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'CSRF ?????????? ????????? ????? ????????????? ?????? ???????????? cfire.mail.ru'
11 Mar 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'petser' 
b'Cross application scripting via account.mail.ru'
11 Mar 2019 timeline
b'WordPress' disclosed a bug submitted by b'klmunday' 
b'Stored XSS in Private Message component (BuddyPress)'
08 Mar 2019 timeline
b'WordPress' disclosed a bug submitted by b'klmunday' 
b'Mssing Authorization on Private Message replies (BuddyPress)'
08 Mar 2019 timeline
b'Shopify' disclosed a bug submitted by b'commandersnuggle' 
b'Access to Employee calendar disclosing internal presentation and meetings'
08 Mar 2019 timeline
b'GitLab' disclosed a bug submitted by b'dhakalananda' 
b'Inadequate cache control in gitter allows to view private chat room'
08 Mar 2019 timeline
b'Starbucks' disclosed a bug submitted by b'cujanovic' 
b'Reflected Cross site Scripting (XSS) on www.starbucks.com'
08 Mar 2019 timeline
b'Starbucks' disclosed a bug submitted by b'loxiran' 
b'Bug in GraphQL and API integration leads to limited user address disclosure'
08 Mar 2019 timeline
b'Rockstar Games' disclosed a bug submitted by b'netfuzzer' 
b'Stealing Facebook OAuth Code Through Screenshot viewer'
05 Mar 2019 timeline
1 ... 441 442 443 444 445 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM