CVE-2025-63563

Medium CVSS: 6.5

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active user sessions after a password change. This allows an attacker with a valid session token to maintain access to the account even after the legitimate user changes their password.

Vendor

Summerpearlgroup

Product

Vacation Rental Management Platform

CWE

CWE-286

Yayın Tarihi

2025-10-31 21:15:44

Güncelleme

2025-11-05 19:10:38

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-286 Vacation Rental Management Platform MEDIUM Summerpearlgroup 2025

Referanslar

https://github.com/Stolichnayer/Summer-Pearl-Group-Insufficient-Session-Expiration

Benzer Kayıtlar

High

CVE-2025-63561

Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Denial-of-Serv…

Medium

CVE-2025-63562

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorizati…

Medium

CVE-2025-5183

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as proble…

Medium

CVE-2025-5184

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified…

Medium

CVE-2025-5181

A vulnerability, which was classified as problematic, was found in Summer Pearl Group Vacation Rental Management Platfor…

Medium

CVE-2025-5182

A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as c…