Unrated severityNVD Advisory· Published Oct 31, 2025· Updated Oct 31, 2025
CVE-2025-63562
CVE-2025-63562
Description
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters (e.g., owner or resource id).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: < 1.0.2
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.