![HotDoc](https://logos.bugcrowdusercontent.com/logos/595d/b1d0/35d309a0/1fc8ef4ad47b2b52c0f19ad9e33f567e_69730caf737a78b1d9f91d9e75ac73a5_ZLdS9Bce_400x400.jpg)
HotDoc
- $50 – $8,000 per vulnerability
New feature added: patient search page on dashboard
We hope your testing is going well. Here is an update that should make things a bit more interesting!
The patient search feature is now available for testing on HotDoc Dashboard. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:
Name | URL | Description | Change |
---|---|---|---|
Patient Search | https://staging.hotdoc.com.au/dashboard#/patients/search | Patient search on Dashboard | Added |
How to access the patient search page?
Visit the dashboard at https://staging.hotdoc.com.au/dashboard and log in as a clinic user. By clicking the 'Patients' button in the navigation bar, a 'Patient Search' link should be expanded. It will take you to the patient search page at https://staging.hotdoc.com.au/dashboard#/patients/search
How does the patient search work?
Endpoint: https://staging.hotdoc.com.au/api/dashboard/pms_patients?search=
The patient search functionality takes a patient's full name or partial name as the query parameter. It shows a list of matched patients and clinic users can manage the communication preference and view the patient activity of a selected patient. To assist your testing with this feature, we have seeded ten patients for each account.
First name | Last name | |
---|---|---|
1 | Nadia | Schuster |
2 | Louisa | Kulas |
3 | Finn | Leuschke |
4 | Maeve | Casper |
5 | Marcelina | Zulauf |
6 | Newton | McDermott |
7 | Frieda | Wilkinson |
8 | Kieran | Gorczany |
9 | Annabelle | Corwin |
10 | Isom | Dickens |
As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.
Get out there and lay claim to those bugs!