A vulnerability labeled as problematic has been found in openises Tickets up to 3.44.1 . This vulnerability affects unknown code of the file ics205.php of the component Request Handler . Such manipulation of the argument frm_add_str leads to cross site scripting. This vulnerability is referenced as CVE-2026-48220 . It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.