CVE-2025-63562

Name of the Vulnerable Software and Affected Versions Summer Pearl Group Vacation Rental Management Platform versions prior to 1.0.2

Description The Summer Pearl Group Vacation Rental Management Platform is affected by inadequate server-side authorization. Authenticated attackers can access and modify resources belonging to other users by manipulating request parameters, such as owner or resource id, within API calls. This allows attackers to perform create, update, and delete operations on resources they should not have access to. The affected API endpoints allow these actions.

Recommendations Versions prior to 1.0.2 should be updated to version 1.0.2 or later.