HSD has a Responsible Disclosure Policy for its IT systems. Recently, Pranshu Tiwari (a program manager for GoJek from India) reported a vulnerability in the HSD Website, showing the importance of having such a policy. It concerns a Host Header Injection, which could cause the web application to behave in unexpected ways.
Our website developer Maaike Media quickly took action and solved the issue. We are very grateful for their expertise and professional response.
The HSD Responsible Disclosure Policy is based on the Guideline Responsible Disclosure published by the NCSC and was introduced after the HSD Café on Ethical Hacking and Responsible Disclosure during the Cyber Security Week 2015.