ASA-2019-00105 – Jenkins: Monitoring Plugin did not apply Cross-Site Request Forgery (CSRF) protection even if enabled in Jenkins

Monitoring Plugin provides a standalone JavaMelody servlet with an independent CSRF protection configuration. Even if Jenkins had CSRF protection enabled, Monitoring Plugin may not have it enabled.