Cross-site Request Forgery (CSRF)

github.com/mattermost/mattermost-plugin-jira is vulnerable to Cross-site Request Forgery (CSRF). The vulnerability is due to improper logout checks, allowing an attacker to disconnect a user’s Jira connection in Mattermost by viewing a specially crafted message.