5 matches found
CVE-2025-66027
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
CVE-2025-66027
CVE-2025-66027 describes an information disclosure in Rallly prior to 4.5.6. The vulnerability allows disclosure of participant details (names and email addresses) through the endpoints /api/trpc/polls.get and polls.participants.list, even when Pro privacy features are enabled. The root cause is ...
EUVD-2025-199883
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
Rallly 安全漏洞
Rallly is a scheduling and collaboration tool by Luke Vella Individual Developer designed to make it easier to organize events and meetings. A security vulnerability exists in Rallly versions prior to 4.5.6, which stems from the disclosure of /api/trpc/polls.get,polls.participants.list endpoint...
PT-2025-48352
Name of the Vulnerable Software and Affected Versions Rallly versions prior to 4.5.6 Description Rallly is a scheduling and collaboration tool. A flaw allows unauthorized disclosure of participant details, such as names and email addresses. This occurs through the...