Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (deep-extend)'
15 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'holyvier' 
b'Prototype pollution attack (deap)'
15 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[glance] Stored XSS via file name allows to run arbitrary JavaScript when directory listing is displayed in browser'
15 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[public] Stored XSS in filenames in directory served by public'
15 Apr 2018 timeline
b'concrete5' disclosed a bug submitted by b'r3naissance' 
b"'cnvID' parameter vulnerable to Insecure Direct Object References"
15 Apr 2018 timeline
b'Automattic' disclosed a bug submitted by b'mattaustin' 
b'Remote Code Execution in Wordpress Desktop'
14 Apr 2018 timeline
b'Zomato' disclosed a bug submitted by b'hacker_one_one' 
b'URL is vulnerable to clickjacking'
14 Apr 2018 timeline
b'Imgur' disclosed a bug submitted by b'protector47' 
b'Information disclosure (No rate limting in forgot password & other login)'
14 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'putsi' 
b'Flash-based XSS on mediaelement-flash-audio-ogg.swf of www.lahitapiolarahoitus.fi'
13 Apr 2018 timeline
b'Upserve ' disclosed a bug submitted by b'paresh_parmar' 
b'Blind stored xss in demo form'
12 Apr 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'101usb' 
b'[tanks.mail.ru] Open Redirect'
12 Apr 2018 timeline
b'Shopify' disclosed a bug submitted by b'newbie_101' 
b'Order notifications being sent for a deactivated staff account'
12 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'tan_stream' 
b'The parameter in the POST query allows to control size of returned page which in turn can lead to the potential DOS attack'
11 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'curiositysec' 
b'Exposed authentication (/cs/Satellite)'
11 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'teemuk' 
b'Reflected XSS Vulnerability in https://www.lahitapiola.fi/cs/Satellite'
11 Apr 2018 timeline
b'Rockstar Games' disclosed a bug submitted by b'tolo7010' 
b'Your support community suffers from angularjs injection and must be fixed immediately [CRITICAL]'
10 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'bugdiscloseguys' 
b'CSRF possible when SOP Bypass/UXSS is available'
10 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'muon4' 
b'Malicious file upload (secure.lahitapiola.fi)'
10 Apr 2018 timeline
b'Unikrn' disclosed a bug submitted by b'tolo7010' 
b'CSRF log victim into the attacker account'
10 Apr 2018 timeline
b'Unikrn' disclosed a bug submitted by b'tolo7010' 
b'session_id is not being validated at email invitation endpoint'
10 Apr 2018 timeline
1 ... 468 469 470 471 472 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM