The following advisories have been issued by project maintainers in response to specific remediated vulnerabilities of note.
|GitLab (8.16.5)||February 15th 2017||Stored XSS via markup languages||N/A|
|GitLab (9.0.2)||March 30th 2017||Private group name disclosure||N/A|
|GitLab (9.0.4)||March 30th 2017||Open redirect via import||N/A|
The following organisations have publicly* acknowledged my responsible disclosure and vulnerability research efforts. Follow my activities on HackerOne to keep updated with new findings.
|Year (first recognised)||Organisations|
|2016||Ubiquiti Networks, General Motors, Hootsuite, Netflix, Instacart, Constant Contact, Xero, OwnCloud, Coursera, Shopify, GlassWire, Skyport Systems, and Legal Robot|
|2017||GitHub, Recorded Future, Sourceforge, Uber, Automattic, Dell, AOL, Gogo, Sophos, Auto Trader, Envato, DigitalOcean, New Relic, Yahoo, Informatica Corporation, AT&T, Bosch, Etsy, Twitter, Mozilla (Firefox & Web Services), Algolia, Weblate, Snapchat, Harvest, Plotly, Artsy, and WordPress|
*Recognition from invitation-only bug bounty engagements and private programs are not displayed above.