Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 64
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
Node.js third-party modules disclosed a bug submitted by holyvier
Prototype pollution attack (assign-deep)
15 Feb 2018
Node.js third-party modules disclosed a bug submitted by holyvier
Prototype pollution attack (mixin-deep)
15 Feb 2018
Showmax disclosed a bug submitted by ehsahil
Changing details of other users profile using UUID (IDOR)
15 Feb 2018
Coursera disclosed a bug submitted by flex0geek
[www.coursera.org] Leaking password reset link on referrer header
14 Feb 2018
Khan Academy disclosed a bug submitted by na5ne3t
Frameset(Frame) html tag is allowed in html editor.(can lead to clickjacking)
14 Feb 2018
HackerOne disclosed a bug submitted by haxta4ok00
The request tells the number of private programs, the new system of authorization /invite/token
14 Feb 2018
Automattic disclosed a bug submitted by edoverflow
Improper markup sanitisation in Simplenote Android application.
13 Feb 2018
Node.js third-party modules disclosed a bug submitted by holyvier
Prototype pollution attack (Hoek)
13 Feb 2018
Node.js third-party modules disclosed a bug submitted by holyvier
Prototype pollution attack (lodash)
13 Feb 2018
Urban Dictionary disclosed a bug submitted by tyagiji
See details of a unpublished word by guessing the word ID
12 Feb 2018
Mail.Ru disclosed a bug submitted by s_p_q_r
[afisha.mail.ru] HTML-???????? ????? XSS ?? ??????? ???????
12 Feb 2018
Mail.Ru disclosed a bug submitted by ruvlol
blind XXE when uploading avatar in mymail phone app
12 Feb 2018
Grabtaxi Holdings Pte Ltd disclosed a bug submitted by reptou
Unrestricted access to https://??????.?????myteksi.net/
12 Feb 2018
Inflection disclosed a bug submitted by wdem
Reflected Cross-site Scripting Vulnerability via JSON Error Message
09 Feb 2018
Mavenlink disclosed a bug submitted by cartooncookies
[app.mavenlink.com] IDOR to view sensitive information
09 Feb 2018
VK.com disclosed a bug submitted by pisarenko
??????????????? ?? ????????? ???????????? ????????? "???????????? ??????? ? ????? ?????"
09 Feb 2018
VK.com disclosed a bug submitted by lincoln9932
CSRF ???????? ?????? ?? ????? ????????????, ???? id ??????????. + ????????? ???? ??????????? ?? ?????
09 Feb 2018
Node.js third-party modules disclosed a bug submitted by bayotop
[html-janitor] Passing user-controlled data to clean() leads to XSS
09 Feb 2018
RubyGems disclosed a bug submitted by exploit_in
RCE,SQL,Vulnerability + Exploit Method.
08 Feb 2018
RubyGems disclosed a bug submitted by gorkhali
Host Header Injection/Redirection
08 Feb 2018
BY DENIS WERNER - @NOBBD -