Description
jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406).
Remediation
References
Related Vulnerabilities
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0057)
WordPress 4.4.x Cross-Site Scripting Vulnerability (4.4 - 4.4.2)
WordPress Plugin Super Logos Showcase for WordPress Arbitrary File Upload (2.2)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.5)
WordPress Plugin WordPress Calls to Action Unspecified Vulnerability (2.3.1)