A vulnerability was found in openises Tickets up to 3.44.1 . It has been declared as problematic . Affected is an unknown function of the file circle.php of the component Request Handler . Executing a manipulation of the argument frm_id can lead to cross site scripting. This vulnerability is handled as CVE-2026-48215 . The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.