pcs is vulnerable to cross-site request forgery (CSRF) attacks. The vulnerability exists in pcsd web UI in pcs before 0.9.149.
lists.fedoraproject.org/pipermail/package-announce/2016-March/178261.html
lists.fedoraproject.org/pipermail/package-announce/2016-March/178384.html
rhn.redhat.com/errata/RHSA-2016-2596.html
www.securityfocus.com/bid/97984
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/index.html
access.redhat.com/errata/RHSA-2016:2596
access.redhat.com/security/cve/CVE-2016-0720
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1158500
bugzilla.redhat.com/show_bug.cgi?id=1164402
bugzilla.redhat.com/show_bug.cgi?id=1207405
bugzilla.redhat.com/show_bug.cgi?id=1219581
bugzilla.redhat.com/show_bug.cgi?id=1220512
bugzilla.redhat.com/show_bug.cgi?id=1225423
bugzilla.redhat.com/show_bug.cgi?id=1225946
bugzilla.redhat.com/show_bug.cgi?id=1229822
bugzilla.redhat.com/show_bug.cgi?id=1231858
bugzilla.redhat.com/show_bug.cgi?id=1248990
bugzilla.redhat.com/show_bug.cgi?id=1249085
bugzilla.redhat.com/show_bug.cgi?id=1252050
bugzilla.redhat.com/show_bug.cgi?id=1264360
bugzilla.redhat.com/show_bug.cgi?id=1269242
bugzilla.redhat.com/show_bug.cgi?id=1281364
bugzilla.redhat.com/show_bug.cgi?id=1281371
bugzilla.redhat.com/show_bug.cgi?id=1281391
bugzilla.redhat.com/show_bug.cgi?id=1286664
bugzilla.redhat.com/show_bug.cgi?id=1287320
bugzilla.redhat.com/show_bug.cgi?id=1290512
bugzilla.redhat.com/show_bug.cgi?id=1298585
bugzilla.redhat.com/show_bug.cgi?id=1299614
bugzilla.redhat.com/show_bug.cgi?id=1299847
bugzilla.redhat.com/show_bug.cgi?id=1301993
bugzilla.redhat.com/show_bug.cgi?id=1302010
bugzilla.redhat.com/show_bug.cgi?id=1303136
bugzilla.redhat.com/show_bug.cgi?id=1305786
bugzilla.redhat.com/show_bug.cgi?id=1315357
bugzilla.redhat.com/show_bug.cgi?id=1315652
bugzilla.redhat.com/show_bug.cgi?id=1315743
bugzilla.redhat.com/show_bug.cgi?id=1327739
bugzilla.redhat.com/show_bug.cgi?id=1328066
bugzilla.redhat.com/show_bug.cgi?id=1329472
bugzilla.redhat.com/show_bug.cgi?id=1341114
bugzilla.redhat.com/show_bug.cgi?id=1346852
bugzilla.redhat.com/show_bug.cgi?id=1349465
bugzilla.redhat.com/show_bug.cgi?id=1354498
bugzilla.redhat.com/show_bug.cgi?id=1357945
bugzilla.redhat.com/show_bug.cgi?id=1359154
bugzilla.redhat.com/show_bug.cgi?id=1366307
github.com/ClusterLabs/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625
rhn.redhat.com/errata/RHSA-2016-2596.html