What the vulnerability does
01Description
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through <= 2.6.29.
Explanation of Vulnerability in Simple Terms
02Summary
Five Star Restaurant Reservations versions 2.6.29 and earlier contain an authorization flaw that allows high-privilege users to cause a denial of service. An attacker with administrative or elevated access can trigger a condition that makes the reservation system unavailable to legitimate users. The vulnerability requires valid credentials and does not affect data confidentiality or integrity.
What an attacker can do
03Attacker Capabilities
Make the reservation system unavailable to legitimate users.
Potential impact on your site
04Site Impact
Restaurant reservations may become unavailable during an attack by a compromised or malicious admin account.
Conditions required to exploit
05Prerequisites
Attacker must have high-level administrative or privileged account access to the system.
Key dates
06Disclosure timeline
March 27, 2025
CVE published
April 28, 2026
Record updated