This repository is actively maintained by the T-MSIS program team. Security fixes are applied to the default branch.

The Centers for Medicare & Medicaid Services is committed to protecting public information. If you believe you have found a security vulnerability in this repository, please report it responsibly.

Preferred: Submit through the CMS Vulnerability Disclosure Program (Bugcrowd).

Alternate: Email IncidentManagement@cms.hhs.gov.

For T-MSIS program support questions (non-security), contact cms_IT_service_desk@cms.hhs.gov.

Review the HHS Vulnerability Disclosure Policy: https://www.hhs.gov/vulnerability-disclosure-policy/index.html

CMS Open Source Policy: https://github.com/CMSgov/cms-open-source-policy

Please do not open public GitHub issues for undisclosed security vulnerabilities.