Code execution, crossite scripting, request spoofing.
vulners.com/securityvulns/securityvulns:doc:19610
vulners.com/securityvulns/securityvulns:doc:19611
vulners.com/securityvulns/securityvulns:doc:19631