Rallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference...

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Description

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability in the poll duplication endpoint (/api/trpc/polls.duplicate) allows any authenticated user to duplicate polls they do not own by modifying the pollId parameter. This effectively bypasses access control and lets unauthorized users clone private or administrative polls. This issue has been patched in version 4.5.4.

Basic Information

ID CVE-2025-65020

Source GitHub_M

Published Nov 19, 2025 at 17:24

Modified Nov 19, 2025 at 21:12

Affected Product

Vendor lukevella

Product rallly

Version < 4.5.4

Affected Versions lukevella rallly < 4.5.4

CWE Classification

CWE-285 CWE-639 CWE-862

References

{
    "lastseen": "",
    "description": "Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability in the poll duplication endpoint (/api/trpc/polls.duplicate) allows any authenticated user to duplicate polls they do not own by modifying the pollId parameter. This effectively bypasses access control and lets unauthorized users clone private or administrative polls. This issue has been patched in version 4.5.4.",
    "published": "2025-11-19T17:24:12.583Z",
    "modified": "2025-11-19T21:12:41.130Z",
    "type": "cve",
    "title": "Rallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference (IDOR)",
    "source": "GitHub_M",
    "references": "https://github.com/lukevella/rallly/security/advisories/GHSA-44w7-pf32-gv5m\nhttps://github.com/lukevella/rallly/releases/tag/v4.5.4",
    "id": "CVE-2025-65020",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-639",
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "lukevella rallly < 4.5.4",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "rallly",
    "version": "< 4.5.4",
    "vendor": "lukevella",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Rallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference (IDOR)_CVE-2025-65020