Description
Jenkins versions before 2.44 and 2.32.2 are vulnerable to a user-creation CSRF via GET requests made by admins. Although the user record was retained only until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406).
Remediation
References
Related Vulnerabilities
Roundcube Multiple Buffer Overflow Vulnerabilities (CVE-2015-2181)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0)
WordPress Plugin One Click Upsell Funnel for WooCommerce Unspecified Vulnerability (2.0.0)
WordPress 3.8.4 Multiple Vulnerabilities (3.8 - 3.8.4)
Moodle Improper Input Validation Vulnerability (CVE-2020-10738)