CVE-2023-39156 - Jenkins Bazaar Plugin CSRF Vulnerability: Deleting SCM Tags Without Permissions Jul 26, 2023 CSRF Exploit Java Jenkins Project Jenkins Bazaar Plugin CVE-2023-39156 - Jenkins Bazaar Plugin CSRF Vulnerability: Deleting SCM Tags Without Permissions The Jenkins Bazaar Plugin (versions 1.22 and earlier) has been identified with having a cross-site request forgery (CSRF) vulnerability, allowing attackers to maliciously delete