JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected