the unofficial HackerOne disclosure timeline.

X
b'LocalTapiola' disclosed a bug submitted by b'curiositysec' 
b'Exposed authentication (/cs/Satellite)'
11 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'teemuk' 
b'Reflected XSS Vulnerability in https://www.lahitapiola.fi/cs/Satellite'
11 Apr 2018 timeline
b'Rockstar Games' disclosed a bug submitted by b'tolo7010' 
b'Your support community suffers from angularjs injection and must be fixed immediately [CRITICAL]'
10 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'bugdiscloseguys' 
b'CSRF possible when SOP Bypass/UXSS is available'
10 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'muon4' 
b'Malicious file upload (secure.lahitapiola.fi)'
10 Apr 2018 timeline
b'Unikrn' disclosed a bug submitted by b'tolo7010' 
b'CSRF log victim into the attacker account'
10 Apr 2018 timeline
b'Unikrn' disclosed a bug submitted by b'tolo7010' 
b'session_id is not being validated at email invitation endpoint'
10 Apr 2018 timeline
b'Unikrn' disclosed a bug submitted by b'tolo7010' 
b'CSRF in Raffles Ticket Purchasing'
10 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'putsi' 
b'Reflected XSS on bbe_open_htmleditor_popup.php of BBE Theme via "value"-GET-parameter'
09 Apr 2018 timeline
b'MyCrypto' disclosed a bug submitted by b't-pwn' 
b'HTML Injection on https://www.mycrypto.com/'
09 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'jacksonkv67' 
b'xmlrpc.php FILE IS enable it will used for bruteforce attack and denial of service'
09 Apr 2018 timeline
b'drchrono' disclosed a bug submitted by b'd0rkerdevil' 
b'SSL/TLS BEAST ATTACK'
09 Apr 2018 timeline
b'Coinbase' disclosed a bug submitted by b'paulos_' 
b'User provided values trusted in sensitive actions'
09 Apr 2018 timeline
b'Coinbase' disclosed a bug submitted by b'paulos_' 
b'User provided values passed to PHP unset() function'
09 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[bracket-template] Reflected XSS possible when variable passed via GET parameter is used in template'
09 Apr 2018 timeline
b'Showmax' disclosed a bug submitted by b'mostafamamdoh' 
b'Stored blind xss on showmax support team'
09 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`atob` allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below'
08 Apr 2018 timeline
b'Zomato' disclosed a bug submitted by b'akamble937' 
b'Zomato.com Reflected Cross Site Scripting'
08 Apr 2018 timeline
b'Keybase' disclosed a bug submitted by b'mishre' 
b'Fix bypass of different processing of usernames on Hackernews'
08 Apr 2018 timeline
b'Shopify' disclosed a bug submitted by b'gromoza' 
b'XSS *.myshopify.com/collections/vendors?q='
08 Apr 2018 timeline
1 ... 497 498 499 500 501 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM