Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters (e.g., owner or resource id).
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LSummerpearlgroup Vacation Rental Management Platform
APPSummerpearlgroup< 1.0.2
Powiązane podatności
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Deni...
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active use...
A vulnerability, which was classified as problematic, was found in Summer Pearl Group Vacation Rental Manageme...
A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and class...
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified...