• $50 – $8,000 per vulnerability
  • Partial safe harbor

New feature added: patient search page on dashboard

We hope your testing is going well. Here is an update that should make things a bit more interesting!

The patient search feature is now available for testing on HotDoc Dashboard. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:

Name URL Description Change
Patient Search Patient search on Dashboard Added

How to access the patient search page?

Visit the dashboard at and log in as a clinic user. By clicking the 'Patients' button in the navigation bar, a 'Patient Search' link should be expanded. It will take you to the patient search page at

How does the patient search work?

The patient search functionality takes a patient's full name or partial name as the query parameter. It shows a list of matched patients and clinic users can manage the communication preference and view the patient activity of a selected patient. To assist your testing with this feature, we have seeded ten patients for each account.

  First name Last name
1 Nadia Schuster
2 Louisa Kulas
3 Finn Leuschke
4 Maeve Casper
5 Marcelina Zulauf
6 Newton McDermott
7 Frieda Wilkinson
8 Kieran Gorczany
9 Annabelle Corwin
10 Isom Dickens

As always, please see the program brief for the full details around testing. If you have any questions, please reach out to

Get out there and lay claim to those bugs!