CSRF in Jenkins Bazaar Plugin <1.22: Delete SCM Tags
CVE-2023-39156 Published on July 26, 2023

A cross-site request forgery (CSRF) vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags.

Vendor Advisory NVD

Products Associated with CVE-2023-39156

Want to know whenever a new CVE is published for Jenkins Bazaar? stack.watch will email you.

Jenkins Bazaar

Affected Versions

Jenkins Project Jenkins Bazaar Plugin:

Before and including 1.22 is affected.

Exploit Probability

EPSS

0.05%

Percentile

14.71%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CSRF in Jenkins Bazaar Plugin <1.22: Delete SCM TagsCVE-2023-39156 Published on July 26, 2023

Products Associated with CVE-2023-39156

Affected Versions

Exploit Probability

CSRF in Jenkins Bazaar Plugin <1.22: Delete SCM Tags
CVE-2023-39156 Published on July 26, 2023