SIGE versions 3.4.1 and 3.5.3 Pro suffer from cross site scripting and remote file inclusion vulnerabilities.
Read more