Vulnerability Disclosure Submission Form

Before submitting vulnerability information here, please read our vulnerability disclosure policy (VDP) at https://www.neh.gov/vulnerability-disclosure-policy.

We only accept vulnerability reports through this form for certain systems; these are listed in our VDP.
We also accept emails at VDP@neh.gov regarding your submission.
We do not support PGP-encrypted emails for vulnerability reports. For particularly sensitive information, use this HTTPS web form.

When you choose to share your contact information with us, we commit to coordinating with you as openly and as quickly as possible.

Within 6 business days, we will acknowledge that your report has been received.
We will take action internally to evaluate your report
If you provided contact information, our technical staff may reach out to you to communicate directly with you as needed.
Questions regarding your submission may be sent to VDP@neh.gov
We will maintain an open dialogue to discuss issues.

* Required

Describe the vulnerability and its potential impact.

Give a detailed description of the steps needed to reproduce the vulnerability (links to proof of concept scripts or screenshots are helpful).

(Optional) Is there anything else we should know?

(Optional) Your Name.

What code is in the image?

Enter the characters shown in the image.

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.