VYPR
Moderate severityNVD Advisory· Published Jan 13, 2021· Updated Aug 3, 2024

CVE-2021-21613

CVE-2021-21613

Description

Jenkins TICS Plugin 2020.3.0.6 and earlier does not escape TICS service responses, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control TICS service response content.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.jenkins.plugins:ticsMaven
< 2020.3.0.72020.3.0.7

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

1