lukevella

Top products

The 12 most recently published vulnerabilities affecting lukevella.

• CVE-2026-6493lukevella rallly Reset Password reset-password-form.tsx cross site scripting3.5Apr 17, 2026
• CVE-2025-66027Rallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy Settings6.5Nov 29, 2025
• CVE-2025-65034Rallly Improper Authorization Allows Reopening of Any Finalized Poll via Public pollId8.1Nov 19, 2025
• CVE-2025-65033Rallly Broken Authorization: Any User Can Pause or Resume Any Poll via Poll ID Manipulation8.1Nov 19, 2025
• CVE-2025-65032Rallly Has an IDOR Vulnerability in Participant Rename Function Allows Unauthorized Modification of Other Users’ Names6.5Nov 19, 2025
• CVE-2025-65031Rallly Improper Authorization in Comment Endpoint Allows User Impersonation6.5Nov 19, 2025
• CVE-2025-65030Rallly Improper Authorization in Comment Deletion Endpoint Allows Unauthorized Comment Removal7.1Nov 19, 2025
• CVE-2025-65029Rallly Has an IDOR Vulnerability in Participant Deletion Endpoint Allows Unauthorized Removal of Poll Participants8.1Nov 19, 2025
• CVE-2025-65021Rallly Has Unauthorized Poll Finalization via Insecure Direct Object Reference (IDOR)9.1Nov 19, 2025
• CVE-2025-65020Rallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference (IDOR)6.5Nov 19, 2025
• CVE-2025-65028Rallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant Votes6.5Nov 19, 2025
• CVE-2025-47781Rallly Insufficient Password Login Token Entropy Leads to Account Takeover9.8May 14, 2025