Mrr3Boot

**Name of the Vulnerable Software and Affected Versions** iWay Data Quality Suite Web Console version 10.6.1.ga-2016-11-20 **Description** An XML External Entity (XXE) issue exists. This means that the software may be tricked into accessing resources or data it should not, potentially leading to information disclosure or other security issues. **Recommendations** For iWay Data Quality Suite Web Console version 10.6.1.ga-2016-11-20, consider disabling XML external entities in the parser configuration as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** AcyMailing extension versions prior to 5.9.6 for Joomla! **Description** The issue exists in the export feature of the AcyMailing extension, where a value is mishandled in a CSV export, leading to CSV Injection, also known as Excel Macro Injection or Formula Injection. **Recommendations** For versions prior to 5.9.6, update to version 5.9.6 or later to resolve the issue.