A vulnerability was found in openises Tickets up to 3.44.1 . It has been classified as problematic . Affected by this issue is some unknown functionality of the file routes_i.php of the component Request Handler . The manipulation of the argument ticket_id leads to cross site scripting. This vulnerability is traded as CVE-2026-48229 . It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.