A cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar.
https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3201