A vulnerability categorized as critical has been discovered in openises Tickets up to 3.44.1 . This impacts an unknown function of the file ajax/fullsit_incidents.php of the component SELECT Statement Handler . Executing a manipulation of the argument offset can lead to sql injection. The identification of this vulnerability is CVE-2026-48232 . The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.