A vulnerability is a technical issue with the www.healthinote.com website which attackers or hackers could use to exploit the website and its users.
How to report a vulnerability
Include in your report:
- the IP address and/or URL of the page where you found the vulnerability
- a description of the type of vulnerability – for example, XSS vulnerability
- details of the steps we need to take to reproduce the vulnerability
- screenshots or logs if you have them
Report a vulnerability to security@cognitant.com
Guidelines for reporting a vulnerability
When you are investigating and reporting the vulnerability, you must not:
- break the law
- access unnecessary or excessive amounts of data
- modify data
- use high-intensity invasive or destructive scanning tools to find vulnerabilities
- tell other people about the vulnerability you have found until we have disclosed it
- social engineer, phish or physically attack our staff or infrastructure
- demand money to disclose a vulnerability
Only submit reports about exploitable vulnerabilities through security@cognitant.com
Contact security@cognitant.com to report other issues including:
- a non-exploitable vulnerability
- something you think could be improved – for example, missing security headers
- TLS configuration weaknesses – for example weak cipher suite support or the presence of TLS1.0 support
Data protection
You must follow data protection rules described at GOV.UK when reporting a vulnerability.
After you’ve reported the vulnerability
You’ll get confirmation that we have received your report. We’ll try to assess your report within 2 working days. We prioritise fixes by impact, severity and exploit complexity.