CVE-2025-63562 – Summer Pearl Group Vacation Rental Management Platform Server-Side Authorization Bypass

CVE ID : CVE-2025-63562

Published : Oct. 31, 2025, 8:15 p.m. | 1 hour, 11 minutes ago

Description : Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters (e.g., owner or resource id).

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…