The form validation method does not require POST requests, resulting in a CSRF vulnerability.
Tag: POST
ASA-2019-00602 – Jenkins Dynatrace Application Monitoring Plugin: Cross-Site Request Forgery
The Dynatrace Application Monitoring Plugin did not require POST requests on a method implementing form validation. This CSRF vulnerability allowed attackers to initiate a connection test to an attacker-specified server with an attacker-specified username and password.
ASA-2019-00473 – Mikrotik RouterOS: Memory exhaustion via a crafted POST request
This vulnerability is similar to CVE-2018-1157. An authenticated user can cause the www binary to consume all memory via a crafted POST request to /jsproxy/upload. It exists because the fix for CVE-2018-1157 was incomplete.