GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails

GHSA-jwcm-9g39-pmcw: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts

Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.

**Apache Kylin vulnerable to Command injection by Diagnosis Controller**

High severity GitHub Reviewed Published Dec 30, 2022 • Updated Jan 3, 2023