A vulnerability classified as problematic has been found in openises tickets up to 3.44.1 . This issue affects some unknown processing of the file single_unit.php of the component URL Handler . This manipulation of the argument ID causes cross site scripting. This vulnerability is handled as CVE-2026-35007 . The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.