CVE-2017-1000090
The CVE-2017-1000090 entry documents a CSRF flaw in the Jenkins Role-based Authorization Strategy Plugin. The root cause is that API requests were not required to be POSTed, allowing cross-site requests to alter authorization settings. Impact described across connected advisories: an attacker cou...