CVE-2025-65031
MEDIUMrallly < 4.5.4 - Authenticated User Impersonation via Comment AuthorName Field
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2025-65031. PoCs published by alaeddine03.
AI-analyzed exploit summary The repository describes an Insecure Direct Object Reference (IDOR) vulnerability in Rallly, where authenticated users can impersonate others by manipulating the 'authorName' field in API requests. The issue was patched in version 4.5.4.
Description
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization flaw in the comment creation endpoint allows authenticated users to impersonate any other user by altering the authorName field in the API request. This enables attackers to post comments under arbitrary usernames, including privileged ones such as administrators, potentially misleading other users and enabling phishing or social engineering attacks. This issue has been patched in version 4.5.4.
Exploits (1)
The repository describes an Insecure Direct Object Reference (IDOR) vulnerability in Rallly, where authenticated users can impersonate others by manipulating the 'authorName' field in API requests. The issue was patched in version 4.5.4.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N