3 matches found
CVE-2025-65032 Rallly Has an IDOR Vulnerability in Participant Rename Function Allows Unauthorized Modification of Other Users’ Names
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference IDOR vulnerability allows any authenticated user to change the display names of other participants in polls without being an admin or the poll owner. By manipulating the...
GHSA-6W5W-WX8W-2CQ9 usememos/memos Improper Access Control vulnerability
usememos/memos 0.9.0 and prior is vulnerable to full account takeover via changing user name, email address, and display name...
usememos/memos Improper Access Control vulnerability
usememos/memos 0.9.0 and prior is vulnerable to full account takeover via changing user name, email address, and display name...