Jenkins Security Advisory 2013-02-16 A malicious user of Jenkins can trick Jenkins into building jobs that he does not have direct access to. https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
This issue has been addressed in following products: RHEL 6 Version of OpenShift Enterprise Via RHSA-2013:0638 https://rhn.redhat.com/errata/RHSA-2013-0638.html