Kromit Titra
9 CVEs affecting Kromit Titra. Latest disclosed: 2026-01-08. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2595 | Critical | 10.0 | 2022-08-01 | Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1. |
CVE-2022-2098 | Critical | 9.8 | 2022-06-16 | Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. |
CVE-2025-69288 | Critical | 9.1 | 2025-12-31 | Titra is open source project time tracking software. Prior to version 0.99.49, Titra allows any authenticated Admin user to modify the timeEntryRule in the dat… |
CVE-2022-2027 | High | 8.0 | 2022-06-09 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0. |
CVE-2026-21694 | Medium | 6.8 | 2026-01-08 | Titra is open source project time tracking software. Versions 0.99.49 and below have Improper Access Control, allowing users to view and edit other users' time… |
CVE-2022-2029 | Medium | 5.4 | 2022-06-09 | Cross-site Scripting (XSS) - DOM in GitHub repository kromitgmbh/titra prior to 0.77.0. |
CVE-2022-2028 | Medium | 5.4 | 2022-06-09 | Cross-site Scripting (XSS) - Generic in GitHub repository kromitgmbh/titra prior to 0.77.0. |
CVE-2022-2026 | Medium | 5.4 | 2022-06-09 | Cross-site Scripting (XSS) - Stored in GitHub repository kromitgmbh/titra prior to 0.77.0. |
CVE-2026-21695 | Medium | 4.3 | 2026-01-08 | Titra is open source project time tracking software. In versions 0.99.49 and below, an API has a Mass Assignment vulnerability which allows authenticated users… |