Stored XSS in Project Name in kromitgmbh/titra


Reported on

Jun 4th 2022


The application Titra is vulnerable to Stored XSS in Project name field.

Steps To Reproduce

  1. Click on Edit button
  2. Under the Project Name enter the paylaod "><img src=# onerror=alert(document.domain)>
  3. Click on save.
  4. Now navigate to details the XSS will be triggered.

Image PoC


This allows the attacker to execute malicious scripts in all the project members browser and it can lead to session hijacking, sensitive data exposure, and worse.

We are processing your report and will contact the kromitgmbh/titra team within 24 hours. a year ago
A GitHub Issue asking the maintainers to create a exists a year ago
a year ago


@admin please change the vulnerability type from Generic XSS to Stored XSS

We have contacted a member of the kromitgmbh/titra team and are waiting to hear back a year ago
Jamie Slome
a year ago


@saharshtapi - you should be able to change the vulnerability type to Stored XSS using the Edit button at the top right-hand side of the page.

If you are unable to, this is because you already have a Stored XSS report pending against this repository, and so should add the other occurrences of the same vulnerability type to that report using the permalinks.

kromitgmbh/titra maintainer validated this vulnerability a year ago
saharshtapi has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
kromitgmbh/titra maintainer marked this as fixed in 0.77.0 with commit e606b6 a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
kromitgmbh/titra maintainer gave praise a year ago
thanks for reporting this!
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
a year ago


@admin Can you assign CVE?

Jamie Slome
a year ago


Sorted 👍

to join this conversation