the unofficial HackerOne disclosure timeline.

X
b'Liberapay' disclosed a bug submitted by b'johnevetsecond24' 
b'Unsecure changing password'
02 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'sonahri_501' 
b'twitter api access token leaked on github '
02 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'techguynoob' 
b'Authenticated reflected XSS on liberapay.com via the back_to parameter when leaving a team.'
02 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'albatraoz' 
b'CSRF to make any user accept the invitation to the team'
02 Jun 2018 timeline
b'Liberapay' disclosed a bug submitted by b'europa' 
b'Origin IP found, Cloudflare bypassed'
02 Jun 2018 timeline
b'HackerOne' disclosed a bug submitted by b'amans' 
b'HackerOne support disclosing report state without checking user identity'
02 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'patrickrbc' 
b'Unrestricted file upload (RCE)'
02 Jun 2018 timeline
b'Twitter' disclosed a bug submitted by b'trabajoduro_2' 
b'No Rate Limit in email leads to huge Mass mailings'
01 Jun 2018 timeline
b'PHP (IBB)' disclosed a bug submitted by b'97ffb8d5' 
b'Heap Buffer Overflow (READ: 1786) in exif_iif_add_value'
01 Jun 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'arafat' 
b'Clickjacking Vulnerability on https://support.my.com/games/ticket/xxxx/'
01 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'tungpun' 
b'[serve] Directory listing and File access even when they have been set to be ignored'
31 May 2018 timeline
b'Valve' disclosed a bug submitted by b'milkgames' 
b"GetReports works for hubs you don't have access to"
30 May 2018 timeline
b'Starbucks' disclosed a bug submitted by b'damian89' 
b'Unauthorized access to jiratest.starbucks.com '
30 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'dienpv' 
b'[localhost-now] bypassing url filter which leads to read content of arbitrary file'
30 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'tungpun' 
b'[serve] Directory listing and File access even when they have been set to be ignored (using dot-slash)'
30 May 2018 timeline
b'VK.com' disclosed a bug submitted by b'pisarenko' 
b'????????? ???????????? ?????????? ??????? '
30 May 2018 timeline
b'Zomato' disclosed a bug submitted by b'saltedfish' 
b'[www.zomato.com] SQLi on `order_id` parameter'
30 May 2018 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'Private program email forwarding response invitation not expire after first use.'
30 May 2018 timeline
b'GitLab' disclosed a bug submitted by b'strukt' 
b'SSRF when importing a project from a git repo by URL'
29 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'defmax' 
b"Command injection in 'pdf-image'"
29 May 2018 timeline
1 ... 485 486 487 488 489 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM