A vulnerability was found in openises Tickets up to 3.44.1 . It has been rated as problematic . Affected by this vulnerability is an unknown functionality of the file delete_module.php of the component Request Handler . The manipulation of the argument module_choice/flag/confirmation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-48217 . The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.