CVE-2016-4319: /auditing/settings was vulnerable to CSRF

{panel:bgColor=#e7f4fa}
NOTE: This bug report is for JIRA Server. Using JIRA Cloud? [See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61803].
{panel}

The /auditing/settings resource was vulnerable to [CSRF|https://en.wikipedia.org/wiki/Cross-site_request_forgery] attacks.