CVE-2025-65030

HIGH

rallly < 4.5.4 - Authenticated Authorization Bypass via Comment Deletion API

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-65030. PoCs published by alaeddine03.

AI-analyzed exploit summary The repository describes an Insecure Direct Object Reference (IDOR) vulnerability in Rallly, where authenticated users can delete comments belonging to other users due to insufficient authorization checks in the comment deletion API. The issue was patched in version 4.5.4.

Description

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the comment deletion API allows any authenticated user to delete comments belonging to other users, including poll owners and administrators. The endpoint relies solely on the comment ID for deletion and does not validate whether the requesting user owns the comment or has permission to remove it. This issue has been patched in version 4.5.4.

Exploits (1)

github WRITEUP
by alaeddine03 · poc
https://github.com/alaeddine03/CVE-Disclosures/tree/main/Rallly/CVE-2025-65030

The repository describes an Insecure Direct Object Reference (IDOR) vulnerability in Rallly, where authenticated users can delete comments belonging to other users due to insufficient authorization checks in the comment deletion API. The issue was patched in version 4.5.4.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Rallly < 4.5.4
Auth required
Prerequisites: Authenticated user access
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2
Core References

Scores

CVSS v3 7.1
EPSS 0.0024
EPSS Percentile 14.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-639 CWE-285
Status published
Products (1)
rallly/rallly < 4.5.4
Published Nov 19, 2025
Tracked Since Feb 18, 2026