GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability

GHSA-vm62-9jw3-c8w3: Gogs has an argument Injection in the built-in SSH server

GHSA-9pp6-wq8c-3w2c: Gogs allows argument injection during the previewing of changes

GHSA-ccqv-43vm-4f3w: Gogs allows deletion of internal files

#### Impact
A user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended.


**Possible injection of HTML into user invite mails**

Low severity GitHub Reviewed Published Dec 12, 2023 in umbraco/Umbraco-CMS • Updated Dec 13, 2023

Headline

GHSA-xxc6-35r7-796w: Possible injection of HTML into user invite mails

Impact

ghsa: Latest News