Mercmobily

**Name of the Vulnerable Software and Affected Versions** Shindig-Integrator versions 5.x **Description** A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in generated pages. **Recommendations** For Shindig-Integrator versions 5.x, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions.

**Name of the Vulnerable Software and Affected Versions** Shindig-Integrator versions 5.x **Description** The issue allows remote attackers to gain privileges via unspecified vectors due to improper restriction of generated page access. **Recommendations** For versions 5.x, update to a version that properly restricts access to generated pages to prevent privilege escalation.