CVE-2025-65028
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference (IDOR) vulnerability allows any authenticated user to modify other participants’ votes in polls without authorization. The backend relies solely on the participantId parameter to identify which votes to update, without verifying ownership or poll permissions. This allows an attacker to alter poll results in their favor, directly compromising data integrity. This issue has been patched in version 4.5.4.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| lukevella | rallly | < 4.5.4 | affected |
Weaknesses
- CWE-285: CWE-285: Improper Authorization
- CWE-639: CWE-639: Authorization Bypass Through User-Controlled Key
- CWE-862: CWE-862: Missing Authorization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
- https://github.com/lukevella/rallly/security/advisories/GHSA-pchc-v5hg-f5gp
- https://github.com/lukevella/rallly/releases/tag/v4.5.4
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.