the unofficial HackerOne disclosure timeline.

X
b'Brave Software' disclosed a bug submitted by b'metnew' 
b'`chrome://brave` available for navigation in Release build [-> RCE] + navigation to `chrome://*` using tab_helper ["Open in new tab"]'
25 Sep 2018 timeline
b'Brave Software' disclosed a bug submitted by b'metnew' 
b'Local files reading from the web using `brave://`'
25 Sep 2018 timeline
b'Brave Software' disclosed a bug submitted by b'metnew' 
b'Torrent extension: Cross-origin downloading + "URL spoofing" + CSP-blocked XSS'
24 Sep 2018 timeline
b'Brave Software' disclosed a bug submitted by b'metnew' 
b'Navigation to `chrome-extension://` origin (internal pages) from the web'
24 Sep 2018 timeline
b'Brave Software' disclosed a bug submitted by b'metnew' 
b'Unsafe handling of protocol handlers'
24 Sep 2018 timeline
b'Brave Software' disclosed a bug submitted by b'metnew' 
b'Navigation to protocol handler URL from the opened page displayed as a request from this page.'
24 Sep 2018 timeline
b'Brave Software' disclosed a bug submitted by b'metnew' 
b'DoS in Brave browser for iOS'
24 Sep 2018 timeline
b'Shopify' disclosed a bug submitted by b'dr_dragon' 
b'Open redirection in OAuth'
24 Sep 2018 timeline
b'Soleo' disclosed a bug submitted by b'project-insecurity' 
b'Directory Traversal + HTTP Paramater Pollution leaking SQL/LDAP credentials'
24 Sep 2018 timeline
b'Chaturbate' disclosed a bug submitted by b'batee5a' 
b'Password protected rooms total number of viewers disclosure to unauthorized members'
24 Sep 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'sql' 
b'XSS in e.mail.ru'
24 Sep 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'pisarenko' 
b'???????? XSS ? ????????????? ?? dobro.mail.ru'
24 Sep 2018 timeline
b'OLX' disclosed a bug submitted by b'ibrahimd' 
b'Bypass CSP frame-ancestors at olx.co.za, olx.com.gh'
23 Sep 2018 timeline
b'OLX' disclosed a bug submitted by b'ibrahimd' 
b'Reflective XSS at olx.ph'
23 Sep 2018 timeline
b'Starbucks' disclosed a bug submitted by b'linkks' 
b'Backup Source Code Detected'
21 Sep 2018 timeline
b'Chaturbate' disclosed a bug submitted by b'smit' 
b'Leaking Username and Password in the URLs via Virustotal, can leads to account takeover'
21 Sep 2018 timeline
b'' disclosed a bug submitted by b'alyssa_herrera' 
b'Remote Command execution due to image tragick'
21 Sep 2018 timeline
b'Informatica' disclosed a bug submitted by b'neolead' 
b'Cisco RCE'
21 Sep 2018 timeline
b'Tor' disclosed a bug submitted by b'rbcafe' 
b'Expose user IP if TOR crashs'
21 Sep 2018 timeline
b'Imgur' disclosed a bug submitted by b'kiyell' 
b'Go.imgur.com can be used to phish for account information'
21 Sep 2018 timeline
1 ... 465 466 467 468 469 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM