CNNVD-202510-4394 Information
CNNVD ID
CNNVD-202510-4394
Related CVE
- CNNVD Published: 2025-10-31
Description (Chinese)
Summer Pearl Group Vacation Rental Management Platform是希腊Summer Pearl Group公司的一款度假租赁物业管理的软件平台。 Summer Pearl Group Vacation Rental Management Platform 1.0.2之前版本存在安全漏洞,该漏洞源于密码更改后未正确使活动用户会话失效,可能导致攻击者通过有效会话令牌维持账户访问权限。
Description (English)
The Summer Peace Group. The security loophole in the previous version of Summer Pearl Group Operations Platform 1.2 resulted from a password change that did not correctly invalidate the active user ’ s session, which could lead the assailant to maintain access to the account through a valid message.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Summer Pearl Group
Published
2025-10-31
Last Modified
2026-02-24
References
https://github.com/Stolichnayer/Summer-Pearl-Group-Insufficient-Session-Expiration https://access.redhat.com/security/cve/cve-2025-63563
Patch
https://summerpearlgroup.gr/spgpm/releases
Share on: