Potential security vulnerabilities can be reported directly us at
firstname.lastname@example.org. The Ghost Security Team communicates privately and works in a secured, isolated repository for tracking, testing, and resolving security-related issues.
The full, up-to-date details of our security policy and procedure can always be found in our documentation:
Please refer to this before emailing us. Thanks for helping make Ghost safe for everyone 🙏.