the unofficial HackerOne disclosure timeline.

X
b'Automattic' disclosed a bug submitted by b'edoverflow' 
b'Stored XSS in www.learnboost.com via ZIP codes.'
22 Apr 2018 timeline
b'Paragon Initiative Enterprises' disclosed a bug submitted by b'cablej' 
b'Incomplete fix for #181225 (target=_blank vulnerability)'
20 Apr 2018 timeline
b'ExpressionEngine' disclosed a bug submitted by b'khaledibnalwalid' 
b'RCE By import channel field'
20 Apr 2018 timeline
b'ExpressionEngine' disclosed a bug submitted by b'flex0geek' 
b'[EE] change the author of post using the author_id'
20 Apr 2018 timeline
b'ExpressionEngine' disclosed a bug submitted by b'flex0geek' 
b'[EE] Spoof the redirect process'
20 Apr 2018 timeline
b'Khan Academy' disclosed a bug submitted by b'conan0x7' 
b'CSRF token fixation and potential account takeover'
19 Apr 2018 timeline
b'Rockstar Games' disclosed a bug submitted by b'europa' 
b'Stored XSS in Snapmatic + R?Editor comments'
19 Apr 2018 timeline
b'Unikrn' disclosed a bug submitted by b'albatraoz' 
b"CSRF logs the victim into attacker's account"
19 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'caioluders' 
b'[pdfinfojs] Command Injection on filename parameter'
19 Apr 2018 timeline
b'HackerOne' disclosed a bug submitted by b'd4rk_g1rl' 
b'Email Forwarding invitations for Drafts are not marked as accepted, allowing multiple users to join a program after disabling Email Forwarding'
18 Apr 2018 timeline
b'Shopify' disclosed a bug submitted by b'bastianwelfrid' 
b'Stored XSS in partners dashboard'
18 Apr 2018 timeline
b'MyCrypto' disclosed a bug submitted by b'w2w' 
b'Content Spoofing or Text Injection support.mycrypto.com'
18 Apr 2018 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'Harvesting all private invites using leave program fast-tracked invitation and security@ email forwarding feature'
18 Apr 2018 timeline
b'Khan Academy' disclosed a bug submitted by b'hamzar97' 
b'Rate Limitation Vulnerability (DDos)'
17 Apr 2018 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'joaomatosf' 
b'Remote Code Execution (RCE) in Multiple DoD Servers and Websites'
17 Apr 2018 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'joaomatosf' 
b'Remote Code Execution (RCE) in a DoD website'
17 Apr 2018 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'alyssa_herrera' 
b'Time based SQL injection on dss.nga.mil'
17 Apr 2018 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'alyssa_herrera' 
b'SSRF+XSS on simdis.nrl.navy.mil'
17 Apr 2018 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'alyssa_herrera' 
b'confluence.devforce.disa.mil allowing NIPRNET access and various sensitive cloud information to be leaked'
17 Apr 2018 timeline
b'Cloudflare' disclosed a bug submitted by b'filedescriptor' 
b'Potential XSS vulnerability to HTML minification'
17 Apr 2018 timeline
1 ... 495 496 497 498 499 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM