PT-2026-42522 · Unknown · Open Ises Tickets

CVE-2026-48244

·

Published

2026-05-21

·

Updated

2026-05-21

CVSS v4.0

6.9

Medium

VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Open ISES Tickets versions prior to 3.44.2
Description The software embeds a hardcoded Google Maps API key within the settings.inc.php file, which is committed to the public source repository. This allows individuals with read access to the source code to extract the key and perform Google Maps Platform requests that are billed to the original owner's Google Cloud project.
Recommendations Update to version 3.44.2 or later.

Exploit

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-48244

Affected Products

Open Ises Tickets