Rallly Improper Authorization in Comment Endpoint Allows User Impersonation

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Description

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization flaw in the comment creation endpoint allows authenticated users to impersonate any other user by altering the authorName field in the API request. This enables attackers to post comments under arbitrary usernames, including privileged ones such as administrators, potentially misleading other users and enabling phishing or social engineering attacks. This issue has been patched in version 4.5.4.

Basic Information

ID CVE-2025-65031

Source GitHub_M

Published Nov 19, 2025 at 17:25

Modified Nov 19, 2025 at 18:35

Affected Product

Vendor lukevella

Product rallly

Version < 4.5.4

Affected Versions lukevella rallly < 4.5.4

CWE Classification

CWE-285 CWE-639

References

{
    "lastseen": "",
    "description": "Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization flaw in the comment creation endpoint allows authenticated users to impersonate any other user by altering the authorName field in the API request. This enables attackers to post comments under arbitrary usernames, including privileged ones such as administrators, potentially misleading other users and enabling phishing or social engineering attacks. This issue has been patched in version 4.5.4.",
    "published": "2025-11-19T17:25:49.058Z",
    "modified": "2025-11-19T18:35:00.771Z",
    "type": "cve",
    "title": "Rallly Improper Authorization in Comment Endpoint Allows User Impersonation",
    "source": "GitHub_M",
    "references": "https://github.com/lukevella/rallly/security/advisories/GHSA-hhfc-6gq7-rrpm\nhttps://github.com/lukevella/rallly/releases/tag/v4.5.4",
    "id": "CVE-2025-65031",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "lukevella rallly < 4.5.4",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "rallly",
    "version": "< 4.5.4",
    "vendor": "lukevella",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Rallly Improper Authorization in Comment Endpoint Allows User Impersonation_CVE-2025-65031