Mantis

**Name of the Vulnerable Software and Affected Versions** OX App Suite versions 7.10.1 through 7.10.2 **Description** The issue allows for Server-Side Request Forgery (SSRF), which is a type of attack where an attacker can trick a server into making requests to internal or external resources. **Recommendations** For OX App Suite versions 7.10.1 and 7.10.2, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Pragmatic Utopia PU Arcade (com puarcade) component for Joomla! versions 2.2 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `gid` parameter to the "index.php" endpoint. **Recommendations** For versions 2.2 and earlier, update to a version later than 2.2 to resolve the issue. As a temporary workaround, consider restricting access to the "index.php" endpoint or avoiding the use of the `gid` parameter until a patch is available.