Unrated severityNVD Advisory· Published Oct 31, 2025· Updated Oct 31, 2025

CVE-2025-63562

Description

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters (e.g., owner or resource id).

Affected products

Summer Pearl Group/Vacation Rental Management Platformdescription
Summer Pearl Group/Vacation Rental Management Platformllm-fuzzy
Range: < 1.0.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000