A vulnerability categorized as problematic has been discovered in openises Tickets up to 3.44.1 . Affected by this issue is some unknown functionality of the file icons/buttons/landb.php of the component Request Handler . The manipulation of the argument frm_name/frm_id results in cross site scripting. This vulnerability was named CVE-2026-48218 . The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.