A vulnerability described as problematic has been identified in openises Tickets up to 3.44.1 . Impacted is an unknown function of the file ics213.php of the component Request Handler . Executing a manipulation of the argument frm_add_str can lead to cross site scripting. This vulnerability is tracked as CVE-2026-48222 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.