github.com/coreos/etcd is vulnerable to cross-site request forgery (CSRF) attacks. The vulnerability exists as there are no host whitelists in place to prevent unauthorized websites from sending unauthorized POST requests to the etcd server.
bugzilla.redhat.com/show_bug.cgi?id=1552714
github.com/coreos/etcd/commit/a7e5790c82039945639798ae9a3289fe787f5e56
github.com/coreos/etcd/issues/9353
github.com/coreos/etcd/pull/9372
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JX7QTIT465BQGRGNCE74RATRQLKT2QE4/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPGYHMSKDPW5GAMI7BEP3XQRVRLLBJKS/