CVE-2025-65028 | lukevella rallly up to 4.5.3 participantId improper authorization (GHSA-pchc-v5hg-f5gp)

A vulnerability marked as critical has been reported in lukevella rallly up to 4.5.3. The affected element is an unknown function. The manipulation of the argument participantId leads to improper authorization.

This vulnerability is uniquely identified as CVE-2025-65028. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More