{“lastseen”:””,”description”:”Landlord Onboarding \\u0026 Rental Signup introduces the landlord onboarding workflow and rental signup system for VivaTurbo Rentals \\u0026 Property Services. In 2.0.0 and earlier, a vulnerability was identified in the TurboTenant property listing activation workflow that could allow unauthorized access to certain Stripe payment session data. This could potentially expose sensitive business metadata, including landlord dashboard sync details and tenant information. The issue affects the API endpoints handling the property listing activation, subscription metadata, and payment link generation.”,”published”:”2025-10-27T19:46:32.122Z”,”modified”:”2025-10-27T19:58:22.992Z”,”type”:”cve”,”title”:”Landlord Onboarding \\u0026 Rental Signup Unauthorized Access Vulnerability in TurboTenant Stripe Integration”,”source”:”GitHub_M”,”references”:”https:\/\/github.com\/turbo-tenant-internal-property\/www.turbotenant.com\/security\/advisories\/GHSA-43cm-q3mv-2hvj”,”id”:”CVE-2025-62516″,”bulletinFamily”:””,”cwe”:[“CWE-200″],”cvelist”:null,”sourceData”:”turbo-tenant-internal-property landlord-onboard-rental-signup \\u003c= 2.0.0″,”sourceHref”:””,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”landlord-onboard-rental-signup”,”version”:”\\u003c= 2.0.0″,”vendor”:”turbo-tenant-internal-property”,”ai_description”:”Unauthorized access to Stripe payment session data due to a vulnerability in the TurboTenant property listing activation workflow”,”ai_severity”:”Critical”,”ai_vendor”:”TurboTenant”,”ai_product”:”Landlord Onboarding \\u0026 Rental Signup”,”ai_version”:”2.0.0″,”ai_score”:9.8}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Landlord Onboarding \\u0026 Rental Signup introduces the landlord onboarding workflow and rental signup system for VivaTurbo Rentals \\u0026 Property Services. In 2.0.0 and earlier, a…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[9,6,8,35,12,13,7,11,5],"class_list":["post-23568","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n