CVE-2025-1714

MEDIUM

Perforce Gliffy <4.14.0-7 - Info Disclosure

Title source: llm

Description

Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy prior to version 4.14.0-7 on Gliffy online allows attacker to enumerate valid user emails and potentially DOS the server

References (1)

[Various Sources] https://portal.perforce.com/s/detail/a91PA000001ScY1YAK

Scores

CVSS v4 6.9

EPSS 0.0026

EPSS Percentile 49.4%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-200 CWE-307

Status published

Products (1)

Perforce/Gliffy < 4.14.0-7

Published Mar 05, 2025

Tracked Since Feb 18, 2026