Jenkins Security Advisory 2013-02-16 One of the vulnerabilities allows cross-site request forgery (CSRF) attacks on Jenkins master, which causes an user to make unwanted actions on Jenkins. https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
This issue has been addressed in following products: RHEL 6 Version of OpenShift Enterprise Via RHSA-2013:0638 https://rhn.redhat.com/errata/RHSA-2013-0638.html