the unofficial HackerOne disclosure timeline.

X
b'Nextcloud' disclosed a bug submitted by b'noumar' 
b'OAuth2 Access Token and App Password Security Vulnerability'
21 Jul 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'n1__' 
b'[markdown-pdf] Local file reading'
20 Jul 2018 timeline
b'Starbucks' disclosed a bug submitted by b'qwacsawd' 
b'Able to purchase a gift card with any amount'
20 Jul 2018 timeline
b'New Relic' disclosed a bug submitted by b'ldionmarcil' 
b'Stored XSS in Brower `name` field reflected in two pages'
20 Jul 2018 timeline
b'HackerOne' disclosed a bug submitted by b'kapytein' 
b'Team object exposes amount of participants in a private program'
20 Jul 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'szkrstf' 
b'[ponse] Path traversal in ponse module allows to read any file on server'
20 Jul 2018 timeline
b'Valve' disclosed a bug submitted by b'chippy' 
b'Malformed .BSP Access Violation in CS:GO can lead to Remote Code Execution'
19 Jul 2018 timeline
b'Shopify' disclosed a bug submitted by b'rijalrojan' 
b'Potential SSRF and disclosure of sensitive site on *shopifycloud.com'
19 Jul 2018 timeline
b'Augur' disclosed a bug submitted by b'sorachiace' 
b'Subdomain takeover on slack.augur.net pointing to GitHub Pages'
19 Jul 2018 timeline
b'Ruby on Rails' disclosed a bug submitted by b'orange' 
b'Path Traversal on Default Installed Rails Application (Asset Pipeline)'
19 Jul 2018 timeline
b'Slack' disclosed a bug submitted by b'irvinlim' 
b'HTTP parameter pollution from outdated Greenhouse.io JS dependency'
19 Jul 2018 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'egyptghost1' 
b'Activat burp suite pro with the old license after transfared to anothe account'
19 Jul 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'diabllo' 
b'Race condition ?? market.games.mail.ru'
18 Jul 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'misterch0c' 
b'Stored XSS in Node-Red'
18 Jul 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'caioluders' 
b"[entitlements] Command injection on the 'path' parameter"
18 Jul 2018 timeline
b'OLX' disclosed a bug submitted by b'd4w' 
b'XSS in OLX.pl ("title" in new advertisement)'
18 Jul 2018 timeline
b'HackerOne' disclosed a bug submitted by b'rbcafe' 
b'Ajouter le m\xc3\xaame utilisateur que celui d\xc3\xa9j\xc3\xa0 inscrit dans les \xc3\xa9quipes'
17 Jul 2018 timeline
b'GitLab' disclosed a bug submitted by b'lahataleputih' 
b'Potensial SSRF via Git repository URL '
16 Jul 2018 timeline
b'GitLab' disclosed a bug submitted by b'phillycheeze' 
b'Persistent XSS - Selecting users as allowed merge request approvers'
16 Jul 2018 timeline
b'GitLab' disclosed a bug submitted by b'phillycheeze' 
b'XSS (Persistent) - Selecting role(s) for protected branches'
16 Jul 2018 timeline
1 ... 477 478 479 480 481 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM