CVE-2024-5174
CVSS 3.1 Score 3.1 of 10 (low)
Details
Summary
CVE-2024-5174 is a newly identified vulnerability affecting Gliffy, a popular diagramming and workflow tool. The issue resides in the application's reset functionality, which leads to broken authentication. Maliciously crafted requests can exploit this vulnerability, allowing attackers to gain unauthorized access to user accounts and potentially sensitive information. This flaw poses a significant risk and emphasizes the importance of maintaining up-to-date software to protect against such cybersecurity threats. Users are strongly encouraged to apply the forthcoming patch to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- JWT