7.5 High
AI Score
Confidence
Low
0.016 Low
EPSS
Percentile
87.4%
JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID.
secunia.com/advisories/19031
sourceforge.net/project/shownotes.php?group_id=154666&release_id=396824
sourceforge.net/tracker/index.php?func=detail&aid=1439037&group_id=154666&atid=792697
www.vupen.com/english/advisories/2006/0767
exchange.xforce.ibmcloud.com/vulnerabilities/24958