the unofficial HackerOne disclosure timeline.

X
b'Starbucks' disclosed a bug submitted by b'karthik87mit' 
b'Password Change not notified when changed from settings'
08 Feb 2019 timeline
b'Starbucks' disclosed a bug submitted by b'apapedulimu' 
b'Missing CSRF Token On Remove Coupun From Cart'
08 Feb 2019 timeline
b'GitLab' disclosed a bug submitted by b'urztruzchitrz' 
b'Guests Will Disclose the Private Project Full Activity Via Project Activity Feeds'
08 Feb 2019 timeline
b'Uber' disclosed a bug submitted by b'appsecure_in' 
b'Client secret, server tokens for developer applications returned by internal API'
08 Feb 2019 timeline
b'PayPal' disclosed a bug submitted by b'alexbirsan' 
b'XSSI on refer.xoom.com allows stealing email addresses and posting to Twitter on behalf of victim'
07 Feb 2019 timeline
b'PayPal' disclosed a bug submitted by b'bagipro' 
b'[Venmo Android] Remote theft of user session'
07 Feb 2019 timeline
b'PayPal' disclosed a bug submitted by b'bagipro' 
b'[PayPal Android] Remote theft of user session using push_notification_webview deeplink'
07 Feb 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'skyn3t' 
b'[serve] Access unlisted internal files/folders revealing sensitive information'
07 Feb 2019 timeline
b'Twitter' disclosed a bug submitted by b'bywalks' 
b'[dev.twitter.com] XSS and Open Redirect Protection Bypass'
07 Feb 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'archang31' 
b'Information Disclosure (can access all Army HRC RFOs) within AIM view RFO Portal'
06 Feb 2019 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'csiete' 
b'UBNT Amplification DDOS Attack'
06 Feb 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'lincoln9932' 
b'??????????? ????? ?? ????? ??????? https://pandao.ru/'
06 Feb 2019 timeline
b'GitLab' disclosed a bug submitted by b'jaykpatel' 
b'gitter.im virtually authentication bypass by abusing authorizing callback?code'
04 Feb 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'hossammesbah21' 
b'ssl cookie without secure flag set'
04 Feb 2019 timeline
b'MariaDB' disclosed a bug submitted by b'mik317' 
b'CRLF injection on https://buildbot.mariadb.org'
04 Feb 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'dienpv' 
b'Prototype pollution attack (upmerge)'
04 Feb 2019 timeline
b'HackerOne' disclosed a bug submitted by b'yashrs' 
b'Confidential data of users and limited metadata of programs and reports accessible via GraphQL'
03 Feb 2019 timeline
b'HackerOne' disclosed a bug submitted by b'yoyobabaji' 
b'Open redirect vulnerability in index.php'
03 Feb 2019 timeline
b'RATELIMITED' disclosed a bug submitted by b'sxw' 
b'Missing Protection Mechanism in Mail Servers allows malicious user to use staff.ratelimited.me email could lead to identity theft.'
02 Feb 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'tomk' 
b'Remote attacker can impersonate Social users via ActivityPub API'
01 Feb 2019 timeline
1 ... 442 443 444 445 446 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM