Auth bypass in Gliffy Online
CVE-2024-5174
A flaw in Gliffy results in broken authentication through the reset functionality of the application.
Vulnerability class: Broken Authentication
EPSS: 0.003 (25.3th percentile) — read the EPSS interpretation.
Affected products
- Gliffy Online — versions 0.0.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2024-5174?
- CVE-2024-5174 is a vulnerability in Gliffy Online, classified under Improper Authentication. Published 2025-02-24.
- Is CVE-2024-5174 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.