PT-2025-44673 · Summer Pearl · Summer Pearl Group Vacation Rental Management Platform

Published

2025-10-31

Updated

2025-11-01

CVE-2025-63563

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions Summer Pearl Group Vacation Rental Management Platform versions prior to 1.0.2

Description The Summer Pearl Group Vacation Rental Management Platform does not invalidate active user sessions after a password change. This allows an attacker possessing a valid session token to retain account access even after the legitimate user modifies their password.

Recommendations Update to version 1.0.2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-286

Related Identifiers

CVE-2025-63563

Affected Products

Summer Pearl Group Vacation Rental Management Platform

CVE-2025-63563

Weakness Enumeration

Related Identifiers

Affected Products

References · 6