Stored XSS in kromitgmbh/titra

Valid

Reported on Jun 8th 2022


Description

Stored XSS, also known as persistent XSS, is more damaging than non-persistent XSS. It occurs when a malicious script is injected directly into a vulnerable web application.

Proof of Concept

1) Go to this website: https://titra.io/

2) Click on the "add Track" button.

3) In the Task field, enter the following payload, then click Save:

   <svg onload=alert('XSSPOSED')>"><h1/onmouseover='alert(/Xssposed/)'>XSSPOSED

4) Now click on Details.

5) The XSS will be triggered.

PoC:

https://drive.google.com/file/d/19yEv7u7CbQZXyx9n96YVX8CGO0YalW2P/view?usp=sharing

Impact

This allows the attacker to execute malicious scripts in all the project members' browsers and it can lead to session hijacking, sensitive data exposure, and worse.
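The following is an added example, not titra's code and not the change made in the fix commit: it contrasts an unescaped render of a stored Task value with output encoding, and adds a small audit pass for records saved before a fix. All function names and the sample records are hypothetical and constructed for illustration.

```javascript
// Added example (hypothetical helpers, not titra's code).
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can break out of HTML text or a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored value is concatenated into markup unchanged,
// so any tags or event handlers it contains are parsed by the browser.
function renderTaskCellUnsafe(task) {
  return '<td class="task">' + task + '</td>';
}

// Hardened pattern: encode at the point of output, whatever was stored.
function renderTaskCell(task) {
  return '<td class="task">' + escapeHtml(task) + '</td>';
}

// Audit helper: return the ids of stored records whose task contains a tag or
// an inline event-handler attribute, for review of entries saved before a fix.
function findMarkupInTasks(records) {
  const markup = /<\/?[a-z][^>]*>|\bon[a-z]+\s*=/i;
  return records.filter((r) => markup.test(r.task)).map((r) => r.id);
}

// Constructed sample records; record 2 carries the payload from the report.
const sampleRecords = [
  { id: 1, task: 'Write release notes' },
  { id: 2, task: `<svg onload=alert('XSSPOSED')>"><h1/onmouseover='alert(/Xssposed/)'>XSSPOSED` },
  { id: 3, task: 'Compare a < b and c > d' },
];
```

Encoding at output is what stops the stored value from executing; the audit pass only helps locate entries worth reviewing or cleaning up.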

We are processing your report and will contact the kromitgmbh/titra team within 24 hours. (a year ago)
We have contacted a member of the kromitgmbh/titra team and are waiting to hear back. (a year ago)
kromitgmbh/titra maintainer validated this vulnerability. (a year ago)
tharunavula has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
kromitgmbh/titra maintainer marked this as fixed in 0.77.1 with commit c1fff7. (a year ago)
The fix bounty has been dropped
This vulnerability will not receive a CVE