CVE-2021-21613

Jenkins TICS Plugin 2020.3.0.6 and earlier does not escape TICS service responses, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control TICS service response content.

Published Feb 3, 2026

https://github.com/advisories/GHSA-xmw5-45v9-pxqx

CVSS ScoreMedium

6.1

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2021-21613

Jenkins TICS Plugin 2020.3.0.6 and earlier does not escape TICS service responses, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control TICS service response content.

Published Feb 3, 2026

https://github.com/advisories/GHSA-xmw5-45v9-pxqx

CVSS ScoreMedium

6.1


maven	io.jenkins.plugins/tics	1.0
maven	io.jenkins.plugins/tics	2020.3.0.0
maven	io.jenkins.plugins/tics	2020.3.0.2
maven	io.jenkins.plugins/tics	2020.3.0.4
maven	io.jenkins.plugins/tics	2020.3.0.6

Ecosystem	Package	Version


maven	io.jenkins.plugins/tics	1.0
maven	io.jenkins.plugins/tics	2020.3.0.0
maven	io.jenkins.plugins/tics	2020.3.0.2
maven	io.jenkins.plugins/tics	2020.3.0.4
maven	io.jenkins.plugins/tics	2020.3.0.6

Find vulnerabilities. Fix fast with AI.

CVE-2021-21613

CVE-2021-21613