CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

🚨 CRITICAL: Open ISES Tickets <3.44.2 has hardcoded MySQL creds in loader.php (CVE-2026-48241), exposing DBs to attack if reachable.

1 Posts 1 Posters 0 Views

O This user is from outside of this forum
O This user is from outside of this forum
offseq@infosec.exchange

wrote last edited by

#1

CRITICAL: Open ISES Tickets <3.44.2 has hardcoded MySQL creds in loader.php (CVE-2026-48241), exposing DBs to attack if reachable. Restrict file & DB access, rotate creds now. No official fix yet. https://radar.offseq.com/threat/cve-2026-48241-use-of-hard-coded-credentials-in-op-e794805b #OffSeq #Vulnerability #MySQL #AppSec
1 Reply Last reply
1
0
R relay@relay.infosec.exchange shared this topic

Log in to reply