Primary

Context

Perforce Gliffy Lack of Rate Limiting in Sign-up Workflow Vulnerability

Vulnerability

Patched

A vulnerability exists in Perforce Gliffy Online versions prior to 4.14.0-7, where the sign-up workflow lacks proper rate limiting. This deficiency allows attackers to enumerate valid user email addresses and potentially perform a denial-of-service attack on the server.

Impact

Exploitation of this vulnerability could lead to unauthorized email enumeration and potential denial-of-service conditions on the server.

Remediation

Users can upgrade to Gliffy version 4.14.0-7 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

3.1

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

3.1

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Perforce Gliffy Lack of Rate Limiting in Sign-up Workflow Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Perforce Gliffy

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating