A vulnerability classified as critical has been found in openises Tickets up to 3.44.1 . This vulnerability affects unknown code of the file ajax/mobile_main.php of the component SELECT Statement Handler . Performing a manipulation of the argument ID results in sql injection. This vulnerability is cataloged as CVE-2026-48238 . It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.