# EzerHeal — Security Contact # RFC 9116 (https://www.rfc-editor.org/rfc/rfc9116) Contact: mailto:support@ezerheal.com Contact: https://github.com/lalrinsangsiama/ezerheal/security/advisories/new Expires: 2027-04-24T00:00:00.000Z Preferred-Languages: en, hi Canonical: https://ezerheal.com/.well-known/security.txt Policy: https://ezerheal.com/security Acknowledgments: https://ezerheal.com/security#acknowledgments # If you have found a vulnerability affecting EzerHeal (web, mobile apps, # or backend), please report it via one of the Contact channels above. # We commit to: # - Acknowledging receipt within 72 hours. # - Keeping you informed of remediation progress. # - Not pursuing legal action against researchers who follow this # policy in good faith. # # In scope: # - ezerheal.com, *.ezerheal.com # - Android/iOS apps published under com.ezerheal.* # - Supabase project tfawgjhbyylebmpgrszd (authenticated testing only) # # Out of scope: # - Social engineering of EzerHeal staff or partner doctors/pharmacies. # - DoS/volumetric attacks. # - Physical security of partner clinics. # - Any activity that would expose real patient data (PHI).