Vulnerabilities

CVE-2025-63563

by Fred · 31/10/2025

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active user sessions after a password change. This allows an attacker with a valid session token to maintain access to the account even after the legitimate user changes their password.

More information : https://github.com/Stolichnayer/Summer-Pearl-Group-Insufficient-Session-Expiration

Similar

Tags: Cybersecurity Alert