A vulnerability has been found in openises Tickets up to 3.44.1 and classified as problematic . The impacted element is an unknown function of the file ticketsmdb_import.php . This manipulation of the argument mdbhost/mdbdb/mdbuser/mdbpassword/mdbprefix/ticketshost/ticketsdb/ticketsuser/ticketspassword/ticketsprefix causes cross site scripting. This vulnerability appears as CVE-2026-48230 . The attack may be initiated remotely. There is no available exploit. The affected component should be upgr