It was found that Nagios in version 4.0.8 used by Openstack Platform, and Mobile Application Platform is vulnerable to Cross-Site Request Forgery attacks. This is fixed upstream in version 4.2.0 by commit https://github.com/NagiosEnterprises/nagioscore/commit/8775ea503596e4ce255172abd86805148c94757b. Originally reported here: http://tracker.nagios.org/view.php?id=281
Created nagios tracking bugs for this issue: Affects: fedora-all [bug 1377885]
Fixed in RHMAP