Update 5.13.2 release notes to mention fix for CVE-2025-53103

Author: marcphilipp

documentation/src/docs/asciidoc/release-notes/release-notes-5.13.2.adoc

@@ -13,6 +13,19 @@ repository on GitHub.
 [[release-notes-5.13.2-junit-platform]]
 === JUnit Platform
 
+[[release-notes-5.13.2-junit-platform-bug-fixes]]
+==== Bug Fixes
+
+* If Git information is included in the Open Test Reporting XML format (see below), any
+  credentials that may be configured as part the `remote.origin.url` setting in Git were
+  written to the `originUrl` attribute of `<git:repository>` elements. For example, when
+  cloning a GitHub repository using a URL like
+  `https://username:password@github.com/organization/repository.git` both username and
+  password were included in the XML report. Since this report may be shared, published, or
+  archived (for example, on a CI server) while including this information, this was
+  reported as a potential security vulnerability (CVE-2025-53103). Any credentials are now
+  being replaced with `\***` before writing them to the XML report.
+
 [[release-notes-5.13.2-junit-platform-deprecations-and-breaking-changes]]
 ==== Deprecations and Breaking Changes