A vulnerability marked as problematic has been reported in openises Tickets up to 3.44.1 . This issue affects some unknown processing of the file ics205a.php of the component Request Handler . Performing a manipulation of the argument frm_add_str results in cross site scripting. This vulnerability is identified as CVE-2026-48221 . The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.