CNNVD-202601-1363 Information

CNNVD ID

CNNVD-202601-1363

Related CVE

CVE-2026-21694

• CNNVD Published: 2026-01-08

Description (Chinese)

titra是kromit开源的一款时间跟踪项目。 titra 0.99.49及之前版本存在访问控制错误漏洞，该漏洞源于访问控制不当，可能导致用户查看和编辑未授权私有项目中的时间条目。

Description (English)

Titra is a time-tracking project for kromit open sources. Tetra 0.99.49 and previous versions have access control errors, which stem from inappropriate access controls and may lead users to view and edit time entries in private projects that are not authorized.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

kromit

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/kromitgmbh/titra/commit/29e6b88eca005107729e45a6f1731cf0fa5f8938 https://github.com/kromitgmbh/titra/security/advisories/GHSA-mr2r-wjf8-cj3c

Patch

https://github.com/kromitgmbh/titra/releases