Please do not report security vulnerabilities through public GitHub issues or pull requests.
Report them privately to security@bahmni.org.
The full reporting, discussion, and disclosure process is documented here: https://bahmni.atlassian.net/wiki/spaces/BAH/pages/884277257/Security+-+Reporting+and+Discussion