GHSA-3w94-vq2x-v5wr: ethereum does not check transaction malleability for EIP-2930, EIP-1559 and EIP-7702 transactions

GHSA-m43g-m425-p68x: junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener 

GHSA-hc55-p739-j48w: @modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix

GHSA-q66q-fx2p-7w4m: @modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling

GHSA-h34r-jxqm-qgpr: juju/utils leaks private key in certs

#### Impact
A user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended.


**Possible injection of HTML into user invite mails**

Low severity GitHub Reviewed Published Dec 12, 2023 in umbraco/Umbraco-CMS • Updated Dec 13, 2023

Headline

GHSA-xxc6-35r7-796w: Possible injection of HTML into user invite mails

Impact

ghsa: Latest News