org.jenkins-ci.plugins:email-ext is vulnerable to Cross-Site Request Forgery (CSRF). An attacker is able to make another user stop watching an attacker-specified job because the library does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery.