9 matches found

CNNVD
added 2025/11/29 12:0 a.m. | 1 view

Rallly Security Vulnerability

Rallly is a scheduling and collaboration tool by individual developer Luke Vella, designed to make it easier to organize events and meetings. A security vulnerability exists in Rallly versions prior to 4.5.6, which stems from the disclosure of /api/trpc/polls.get,polls.participants.list endpoint...

7.1 CVSS | 6.3 AI score | 0.00041 EPSS
Exploits: 1 | References: 4
Vulnrichment
added 2025/11/19 5:26 p.m. | 7 views

CVE-2025-65032 Rallly Has an IDOR Vulnerability in Participant Rename Function Allows Unauthorized Modification of Other Users’ Names

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability allows any authenticated user to change the display names of other participants in polls without being an admin or the poll owner. By manipulating the...

6.5 CVSS | 6.4 AI score | 0.00041 EPSS
Exploits: 1 | References: 2
CNNVD
added 2025/11/19 12:0 a.m. | 2 views

Rallly Security Vulnerability

Rallly is a scheduling and collaboration tool from individual developer Luke Vella, designed to make it easier to organize events and meetings. A security vulnerability exists in versions of Rallly prior to 4.5.4 that stems from an insecure direct object reference in the vote modification feature,...

6.5 CVSS | 6.5 AI score | 0.00043 EPSS
Exploits: 1 | References: 3
CNNVD
added 2025/11/19 12:0 a.m. | 2 views

Rallly Security Vulnerability

Rallly is a scheduling and collaboration tool from individual developer Luke Vella, designed to make it easier to organize events and meetings. A security vulnerability exists in versions of Rallly prior to 4.5.4, which stems from improper authorization and could cause an arbitrary authenticated...

8.1 CVSS | 6.5 AI score | 0.0006 EPSS
Exploits: 1 | References: 2
CNNVD
added 2025/11/19 12:0 a.m. | 1 view

Rallly Security Vulnerability

Rallly is a scheduling and collaboration tool from individual developer Luke Vella, designed to make it easier to organize events and meetings. A security vulnerability exists in versions of Rallly prior to 4.5.4 that stems from an insecure direct object reference in the vote completion feature,...

9.1 CVSS | 6.4 AI score | 0.00081 EPSS
Exploits: 1 | References: 2
CNNVD
added 2025/11/19 12:0 a.m. | 2 views

Rallly Security Vulnerability

Rallly is a scheduling and collaboration tool from individual developer Luke Vella, designed to make it easier to organize events and meetings. A security vulnerability exists in Rallly versions prior to 4.5.4 that stems from an insecure direct object reference in the participant deletion feature,...

8.1 CVSS | 6.4 AI score | 0.00068 EPSS
Exploits: 1 | References: 2
RedhatCVE
added 2025/05/16 4:9 p.m. | 4 views

CVE-2025-47781

Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application feature token-based authentication. When a user attempts to log in to the application, they enter their email and a 6-digit code is sent to their email address to complete the...

9.8 CVSS | 7.3 AI score | 0.00678 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2025/05/14 3:52 p.m. | 6 views

CVE-2025-47781 Rallly Insufficient Password Login Token Entropy Leads to Account Takeover

Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application feature token-based authentication. When a user attempts to log in to the application, they enter their email and a 6-digit code is sent to their email address to complete the...

9.8 CVSS | 7.3 AI score | 0.00678 EPSS
Exploits: 1 | References: 1
Cvelist
added 2025/05/14 3:52 p.m. | 19 views

CVE-2025-47781 Rallly Insufficient Password Login Token Entropy Leads to Account Takeover

Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application feature token-based authentication. When a user attempts to log in to the application, they enter their email and a 6-digit code is sent to their email address to complete the...

9.8 CVSS | 0.00678 EPSS
Exploits: 1 | References: 1