3 matches found
EUVD-2025-199883
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
CVE-2025-66027 Rallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy Settings
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
PT-2025-48352
Name of the Vulnerable Software and Affected Versions Rallly versions prior to 4.5.6 Description Rallly is a scheduling and collaboration tool. A flaw allows unauthorized disclosure of participant details, such as names and email addresses. This occurs through the...