🔴 CVE-2025-65021 (CRITICAL, CVSS 9.1) in lukevella Rallly <4.5.4: Auth’d users can finalize others' polls via IDOR, risking data integrity. Patch to v4.5.4 ASAP! Monitor & audit poll actions. https://radar.offseq.com/threat/cve-2025-65021-cwe-285-improper-authorization-in-l-d9b86aa6 #OffSeq #Rallly #Vuln #IDOR
#Rallly
Zur Terminfindung setzen wir auf :pnpde_social: pnpde.social immer noch auf #FramaDate, weil es die inklusivste Software ist, die wir für diesen Zweck finden konnten
Im Test hat sich FramaDate gegen #Rallly, #Croodle und #Bitpoll durchgesetzt, weil es sich am besten per Screenreader bedienen lässt.
Vielen Dank an @norbert_moesl!
From the privacy policy of #Rallly:
"We store personal data (names and email addresses) on DigitalOcean's servers, which are located in the United States. The reason for storing data in the US is to improve performance for users by having the data stored closer to where our compute services are running. By using our services, you acknowledge that your personal data may be transferred to and stored in the United States."
So that is no option.
Very cool and good-working open-source url for scheduling meetings !! (with 3 Ls!)
https://rallly.co/
#Rallly #Doodle #meetup #calendar
**Rallly - Schedule Group Meetings**
Create polls and vote to find the best day or time. A free alternative to Doodle.
📣 Public service announcement 📣
Fed up of all the adverts on #Doodle? I strongly recommend giving Rallly a go! Plus, it's #opensource so if you really want, you can host it yourself. https://rallly.co
I have now used a self-hosted #Rallly by @Keyruu for several meetings and the feedback of the participants is excellent and great. Very great product and a clear recommendation. #selfhosted https://rallly.co/blog/rallly-3-0-self-hosting
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst