6 matches found
EUVD-2025-199883
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
CVE-2025-66027 Rallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy Settings
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
PT-2025-48352
Name of the Vulnerable Software and Affected Versions Rallly versions prior to 4.5.6 Description Rallly is a scheduling and collaboration tool. A flaw allows unauthorized disclosure of participant details, such as names and email addresses. This occurs through the...
EUVD-2024-1870
Malicious code in bioql PyPI...
GHSA-XQHH-253W-4Q5F Moodle Cross-site Scripting (XSS)
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features...
UBUNTU-CVE-2024-33998
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features...