At Medicod, we take security seriously and welcome the assistance of the security community in making our platform more secure. If you discover a security vulnerability, please help us by responsibly disclosing it to us.
To report a security vulnerability, please follow these steps:
-
Privately Notify Us: Send an email to security@medicod.com with a detailed description of the vulnerability. Do not post the issue publicly until we've had a chance to address it.
-
Provide Details: In your report, include the following details:
- A clear and concise description of the vulnerability.
- Information on how to reproduce the vulnerability.
- The version of Medicod affected by the vulnerability.
- Any additional information that can help us understand and address the issue.
-
Cooperate with Us: We will acknowledge the receipt of your report within [X] business days and work with you to understand and resolve the issue.
-
Responsible Disclosure: After we have addressed the issue, we encourage responsible disclosure. We will work with you to determine an appropriate release schedule for the fix and provide you with credit in our release notes.
Medicod is committed to maintaining the security of our platform. We actively monitor for potential vulnerabilities and release updates as needed. We encourage all users to keep their installations up to date to benefit from these security improvements.
When a security vulnerability is identified and confirmed, our policy is to:
- Prioritize the issue and initiate immediate remediation.
- Develop a patch or update to address the vulnerability.
- Communicate the issue and provide details on the vulnerability to our users.
- Release a new version of Medicod that includes the patch.
- Notify users, through release notes or other appropriate channels, to update to the latest version containing the fix.
If you have any questions or concerns regarding this security policy, please contact us at security@medicod.com.
This security policy is subject to the terms of [MIT License]. By participating in this project or using our software, you agree to abide by its terms.