If you discover a security vulnerability in Nextjango, please do not open a public issue.
Instead, email us directly at [email protected] with the details. We take all reports seriously and will respond as quickly as possible.
You may also use GitHub’s private vulnerability reporting feature if available.
- Acknowledge receipt of the report within 24–48 hours
- Review and validate the issue
- Patch the vulnerability in a timely manner
- Credit you (if desired) once disclosed
We currently support only the latest version of Nextjango.
Security fixes will not be backported unless the issue is severe.
Responsible disclosure keeps open source safe.
Thanks for helping make Nextjango more secure!