A vulnerability classified as problematic was found in openises tickets up to 3.44.1 . Impacted is an unknown function of the file single.php of the component URL Handler . Such manipulation of the argument ticket_id leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-35008 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.