The Frappe team and community take security issues in the Frappe Framework seriously. To report a security issue, fill out the form at https://erpnext.com/security/report.

You can help us make Frappe and consequently all Frappe dependent apps like ERPNext more secure by following the Reporting guidelines.

We appreciate your efforts to responsibly disclose your findings. We'll endeavor to respond quickly, and will keep you updated throughout the process.