the unofficial HackerOne disclosure timeline.

X
b'Brave Software' disclosed a bug submitted by b'masatokinugawa' 
b'Sending arbitrary IPC messages via overriding Array.prototype.push'
18 Sep 2018 timeline
b'Brave Software' disclosed a bug submitted by b'masatokinugawa' 
b'Brave Browser unexpectedly allows to send arbitrary IPC messages'
18 Sep 2018 timeline
b'Shopify' disclosed a bug submitted by b'rms' 
b'From full-access account to Account Owner'
18 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'hack2684' 
b'Weak Password Policy on Signup at https://accounts.bistudio.com/auth'
18 Sep 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'lirantal' 
b'http-live-simulator npm module is prone to path traversal attacks'
18 Sep 2018 timeline
b'Dropbox' disclosed a bug submitted by b'phwd' 
b'Dropbox employee benefits documents are available in a test Dropbox folder'
17 Sep 2018 timeline
b'New Relic' disclosed a bug submitted by b'hackerone77-222' 
b'DNS misconfiguration on email.alerts.newrelic.com'
17 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'meals' 
b'IDOR to view User Order Information'
17 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'meals' 
b'217.147.95.145 NFS Exposed with Zeus Server configs'
17 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'akhil-reni' 
b'[www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss'
17 Sep 2018 timeline
b'Uber' disclosed a bug submitted by b'mefkan' 
b'Reflected XSS on Partners Subdomain'
16 Sep 2018 timeline
b'Greenhouse.io' disclosed a bug submitted by b'irvinlim' 
b'Cache poisoning using NULL bytes and long URLs'
16 Sep 2018 timeline
b'Greenhouse.io' disclosed a bug submitted by b'irvinlim' 
b'Bypass of request line length limit to DoS via cache poisoning'
16 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'ethancruize' 
b'Stealing Users OAUTH Tokens via redirect_uri '
14 Sep 2018 timeline
b'Dropbox' disclosed a bug submitted by b'todayisnew' 
b'Exposed Git Repo at http://fileserver.dropboxbusiness.com'
14 Sep 2018 timeline
b'Shipt' disclosed a bug submitted by b's3cur3' 
b'Any user can completely delete their own account without authorization and/or going through any kind of membership cancellation protocol.'
12 Sep 2018 timeline
b'OV-chipkaart' disclosed a bug submitted by b'bandjes' 
b'Personal data of all Dutch public transport cards ("OV-Chipkaart") accessible'
11 Sep 2018 timeline
b'HubSpot' disclosed a bug submitted by b'm7mdharoun' 
b'Reflected XSS and Server Side Template Injection in all HubSpot CMSes'
11 Sep 2018 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'xsam' 
b'Leaking sensitive information on Github lead full access to all Grab Slack channels '
11 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'gerben_javado' 
b'[www.zomato.com] SQLi - /php/?????????? - item_id'
11 Sep 2018 timeline
1 ... 467 468 469 470 471 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM