the unofficial HackerOne disclosure timeline.

X
b'Passit' disclosed a bug submitted by b'saneh' 
b'Authorization Token is Not expiring After Logout'
11 Aug 2018 timeline
b'Passit' disclosed a bug submitted by b'alpha66' 
b'Insecure Account Removal'
11 Aug 2018 timeline
b'Passit' disclosed a bug submitted by b'alpha66' 
b'Weak Password Policy on Signup'
11 Aug 2018 timeline
b'Passit' disclosed a bug submitted by b'exception' 
b' `X-XSS-Protection` header has not been set at app.passit.io'
11 Aug 2018 timeline
b'Passit' disclosed a bug submitted by b'ketankumar_godhani' 
b'Missing HSTS (Strict Transport Security)'
11 Aug 2018 timeline
b'Passit' disclosed a bug submitted by b'kevinhwang' 
b'Insecure opening of external links in app.passit.io/list allows for reverse tabnabbing'
11 Aug 2018 timeline
b'Passit' disclosed a bug submitted by b'muon4' 
b'CSV-injection in export functionality'
11 Aug 2018 timeline
b'Homebrew' disclosed a bug submitted by b'ejholmes' 
b'GitHub API Key for BrewTestBot is publicly exposed'
11 Aug 2018 timeline
b'Razer US' disclosed a bug submitted by b'wiardvanrij' 
b'Admin login page reveals user account - no anti-bruteforce'
10 Aug 2018 timeline
b'Hacker Target' disclosed a bug submitted by b'cdl' 
b'Sending Emails from DNSDumpster - Server-Side Request Forgery to Internal SMTP Access'
10 Aug 2018 timeline
b'Laravel' disclosed a bug submitted by b'x1m' 
b'Persistent Cross-Site Scripting in default Laravel installation'
10 Aug 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'cris_semmle' 
b'Command Injection Vulnerability in win-fork/win-spawn Packages'
10 Aug 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'nickvergessen' 
b'HTML injection with AutoComplete suggestions'
10 Aug 2018 timeline
b'Starbucks' disclosed a bug submitted by b'0xpatrik' 
b'Subdomain takeover on wfmnarptpc.starbucks.com'
09 Aug 2018 timeline
b'RubyGems' disclosed a bug submitted by b'reed' 
b'Malware in `active-support` gem'
09 Aug 2018 timeline
b'Reverb.com' disclosed a bug submitted by b'm7mdharoun' 
b'Basic auth details is still work on report ( 351555 ) '
09 Aug 2018 timeline
b'HackerOne' disclosed a bug submitted by b'qwertyqwerty' 
b'TeamProfile exposes partially sensitive information through GraphQL'
08 Aug 2018 timeline
b'MyEtherWallet' disclosed a bug submitted by b'mrbean' 
b'Development configuration file https://myetherwallet.com/'
08 Aug 2018 timeline
b'Uber' disclosed a bug submitted by b'orange' 
b'Improper Access Control on Onelogin in multi-layered architecture'
08 Aug 2018 timeline
b'Discourse' disclosed a bug submitted by b'fransrosen' 
b'CSRF-tokens on pages without no-cache headers, resulting in ATO when using CloudFlare proxy (Web Cache Deception)'
08 Aug 2018 timeline
1 ... 473 474 475 476 477 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM