Malicious users were able to circumvent CSRF protection on any URL by sending specially crafted POST requests. This could allow unprivileged attackers to circumvent CSRF protection. External References: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
Created jenkins tracking bugs for this issue: Affects: fedora-all [bug 1291799]
This issue has been addressed in the following products: RHEL 7 Version of OpenShift Enterprise 3.1 Via RHSA-2016:0070 https://access.redhat.com/errata/RHSA-2016:0070
This issue has been addressed in the following products: Red Hat OpenShift Enterprise 2.2 Via RHSA-2016:0489 https://rhn.redhat.com/errata/RHSA-2016-0489.html