the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'tungpun' 
b'[public] Stored XSS in the filename when directories listing'
12 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'cardangi' 
b'No Data Validation, No Captcha, No Filters...'
11 Jun 2018 timeline
b'QIWI' disclosed a bug submitted by b'danila_xawdxawdx' 
b'Imformation Disclosure on id.rapida.ru'
11 Jun 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'maxarr' 
b'XSS ? ???????????, ????-?????? ?????'
10 Jun 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'maxarr' 
b'XSS ? ???? ??????.'
10 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'said778' 
b'Cross site scripting (content-sniffing)'
10 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'kaushalag29' 
b'Buffer overflow'
10 Jun 2018 timeline
b'Algolia' disclosed a bug submitted by b'n00bsec' 
b'Directory traversal at https://msg.algolia.com'
09 Jun 2018 timeline
b'Starbucks' disclosed a bug submitted by b'b3nac' 
b'Host header injection/redirection via newsletter signup'
08 Jun 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'zishanadthandar' 
b'Modifying application settings via clickjacking on o2.mail.ru'
08 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'mks11nov' 
b'A single user can subscribe a community multiple times'
07 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'kunal94' 
b'Punny code Detection Parsing should be implemented on Markdown '
07 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'zir0x' 
b'Returning back from the browser after logging off will disclose some information'
07 Jun 2018 timeline
b'Vend' disclosed a bug submitted by b'stok' 
b'Race Condition : Exploiting the loyalty claim https://xxx.vendhq.com/loyalty/claim/email/xxxxx url and gain x amount of loyalty bonus/cash'
07 Jun 2018 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'Exposing hackerone users personally identifiable information by abusing sandbox with swag reward enabled'
07 Jun 2018 timeline
b'HackerOne' disclosed a bug submitted by b'herrera' 
b'Lack of cross-origin request blocking allows leaking of sensitive information on several endpoints'
07 Jun 2018 timeline
b'Tor' disclosed a bug submitted by b'metnew' 
b'Tor Browser: iframe with `data:` uri has access to parent window'
06 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'kapytein' 
b"Exploiting JSONP callback on /username/charts.json endpoint leads to information disclosure despite user's privacy settings"
05 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'zuh4n' 
b'Missing back-end user input validation can lead to DOS flaw'
05 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'wsfengfan474' 
b'Csrf token does not meet security design'
05 Jun 2018 timeline
1 ... 483 484 485 486 487 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM