the unofficial HackerOne disclosure timeline.

X
b'Zomato' disclosed a bug submitted by b'strukt' 
b'Reflected XSS on https://www.zomato.com'
07 Apr 2018 timeline
b'VK.com' disclosed a bug submitted by b'povargek' 
b'???????? ????? ?????? ???????? ? ???????? ?? ???? SMS, ????? ??? ????????????????? ???????'
06 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`http-proxy-agent` passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak'
05 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`sshpk` is vulnerable to ReDoS when parsing crafted invalid public keys'
04 Apr 2018 timeline
b'Coinbase' disclosed a bug submitted by b'dawgyg' 
b'Double Payout via PayPal'
04 Apr 2018 timeline
b'Coinbase' disclosed a bug submitted by b'ambisafe' 
b'ETH contract handling errors'
04 Apr 2018 timeline
b'ExpressionEngine' disclosed a bug submitted by b'strukt' 
b'Arbitrary file upload when setting an avatar'
04 Apr 2018 timeline
b'ExpressionEngine' disclosed a bug submitted by b'strukt' 
b'Remote Code Execution in the Import Channel function'
04 Apr 2018 timeline
b'Airbnb' disclosed a bug submitted by b'bobrov' 
b'[airbnb.com] XSS via Cookie flash'
03 Apr 2018 timeline
b'Airbnb' disclosed a bug submitted by b'bobrov' 
b'[m.airbnb.com] CRLF Injection'
03 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[crud-file-server] Path Traversal allows to read arbitrary file from the server'
03 Apr 2018 timeline
b'Shopify' disclosed a bug submitted by b'bored-engineer' 
b'XSS on "widgets.shopifyapps.com" via "stripping" attribute and "shop" parameter'
03 Apr 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'obmihail' 
b'blind XXE in autodiscover parser'
03 Apr 2018 timeline
b'Zomato' disclosed a bug submitted by b'mrtn' 
b'Outdated MediaElement.js Reflected Cross-Site Scripting (XSS)'
02 Apr 2018 timeline
b'MyCrypto' disclosed a bug submitted by b'sup3r-b0y' 
b'Reflected XSS { support.mycrypto.com }'
02 Apr 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`https-proxy-agent` passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak'
02 Apr 2018 timeline
b'VK.com' disclosed a bug submitted by b'trainzment' 
b'???????? ?????? ????? ?? ??????? ?????? ? ??? ????????'
02 Apr 2018 timeline
b'VK.com' disclosed a bug submitted by b'executor' 
b'clickjacking ? /lead_forms_app.php'
02 Apr 2018 timeline
b'Twitter' disclosed a bug submitted by b'molejarka' 
b'[sms-be-vip.twitter.com] vulnerable to Jetleak'
02 Apr 2018 timeline
b'Coinbase' disclosed a bug submitted by b'cablej' 
b'Prepopulation of email address and name leaks information provided to other merchants'
02 Apr 2018 timeline
1 ... 498 499 500 501 502 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM