How secure are popular open source web frameworks?

I am particularly interested in popular frameworks like Rails and DJango.

If I am building a site which is going to do heavy e-commerce, is it Ok to use frameworks like DJango and Satchmo?

Is security compromised because their open architecture ?

I know being OS does not mean being down right open to hackers, Linux uses superb authentication mechanism, but web is a different game.

What can be done in this regard?

UPDATE:

Thanks for answers guys.

I understand that I will have to find a suitable hosting service for a secure e-commerce application and that additional layers of security will be needed.

I understand that Django and Rails have been designed keeping security aspects in mind, the most common form attacks like XSS, Injections etc. (Django book has a ch on Security)

I was expecting comments from security Gurus. If you are a security Guru, would you recommend an important site, which is likely going to be popular, to be built on DJango or Rails?