Security Advisory

CVE-2025-63562

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-31 00:00:00

Last updated 2025-10-31 19:59:16

Assigner mitre

State PUBLISHED

Description

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters (e.g., owner or resource id).

← Browse all CVEs View on cve.org ↗