Security Advisory

CVE-2025-63563

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-31 00:00:00

Last updated 2025-11-03 20:44:50

Assigner mitre

State PUBLISHED

Description

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active user sessions after a password change. This allows an attacker with a valid session token to maintain access to the account even after the legitimate user changes their password.

← Browse all CVEs View on cve.org ↗