A vulnerability has been found in openises Tickets up to 3.44.1 and classified as problematic . Affected is an unknown function of the file patient.php of the component Request Handler . Performing a manipulation of the argument ticket_id results in cross site scripting. This vulnerability is reported as CVE-2026-48227 . The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.