GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails

GHSA-jwcm-9g39-pmcw: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts

Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlflow prior to 2.9.0.

**Cross-site Scripting in MLflow**

Moderate severity GitHub Reviewed Published Dec 7, 2023 to the GitHub Advisory Database • Updated Dec 12, 2023