PT-2026-42523 · Unknown · Open Ises Tickets
Published
2026-05-21
·
Updated
2026-05-21
·
CVE-2026-48245
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Open ISES Tickets versions prior to 3.44.2
Description
A hardcoded Google Maps API key is embedded in the
tables.php file and committed to the public source repository. This allows individuals with read access to the source code to extract the key and perform Google Maps Platform requests, which are then billed to the original owner's Google Cloud project.Recommendations
Update to version 3.44.2 or later.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open Ises Tickets