Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 64
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
Node.js third-party modules disclosed a bug submitted by bl4de: [mcstatic] Path Traversal allows to read content of arbitrary files (24 Apr 2018)
Paragon Initiative Enterprises disclosed a bug submitted by foobar7: Airship: Persistent XSS via Comment (24 Apr 2018)
New Relic disclosed a bug submitted by grampae: Drupal admin takeover via install.php not being performed prior to install. (23 Apr 2018)
Rockstar Games disclosed a bug submitted by netfuzzer: SocialClub's Facebook OAuth Theft through Warehouse XSS. (23 Apr 2018)
Rockstar Games disclosed a bug submitted by exception: Bypass CAPTCHA protection (23 Apr 2018)
Ed disclosed a bug submitted by karel_origin: DOM XSS in edoverflow.com/tools/respond due to unsafe usage of the innerHTML property. (23 Apr 2018)
Automattic disclosed a bug submitted by edoverflow: Stored XSS in learnboost.com via the lesson[goals] parameter. (22 Apr 2018)
Automattic disclosed a bug submitted by edoverflow: Stored XSS in www.learnboost.com via ZIP codes. (22 Apr 2018)
Paragon Initiative Enterprises disclosed a bug submitted by cablej: Incomplete fix for #181225 (target=_blank vulnerability) (20 Apr 2018)
ExpressionEngine disclosed a bug submitted by khaledibnalwalid: RCE By import channel field (20 Apr 2018)
ExpressionEngine disclosed a bug submitted by flex0geek: [EE] change the author of post using the author_id (20 Apr 2018)
ExpressionEngine disclosed a bug submitted by flex0geek: [EE] Spoof the redirect process (20 Apr 2018)
Khan Academy disclosed a bug submitted by conan0x7: CSRF token fixation and potential account takeover (19 Apr 2018)
Rockstar Games disclosed a bug submitted by europa: Stored XSS in Snapmatic + R?Editor comments (19 Apr 2018)
Unikrn disclosed a bug submitted by albatraoz: CSRF logs the victim into attacker's account (19 Apr 2018)
Node.js third-party modules disclosed a bug submitted by caioluders: [pdfinfojs] Command Injection on filename parameter (19 Apr 2018)
HackerOne disclosed a bug submitted by d4rk_g1rl: Email Forwarding invitations for Drafts are not marked as accepted, allowing multiple users to join a program after disabling Email Forwarding (18 Apr 2018)
Shopify disclosed a bug submitted by bastianwelfrid: Stored XSS in partners dashboard (18 Apr 2018)
MyCrypto disclosed a bug submitted by w2w: Content Spoofing or Text Injection support.mycrypto.com (18 Apr 2018)
HackerOne disclosed a bug submitted by japz: Harvesting all private invites using leave program fast-tracked invitation and security@ email forwarding feature (18 Apr 2018)
BY DENIS WERNER - @NOBBD