Vulnerabilities

CVE-2025-63562

by Fred · 31/10/2025

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters (e.g., owner or resource id).

More information : https://github.com/Stolichnayer/Summer-Pearl-Group-Broken-Access-Control

Similar

Tags: Cybersecurity Alert