CVE-2026-35009 | openises tickets up to 3.44.1 URL add_note.php ticket_id cross site scripting

A vulnerability, which was classified as problematic, has been found in openises tickets up to 3.44.1. The affected element is an unknown function of the file add_note.php of the component URL Handler. Performing a manipulation of the argument ticket_id results in cross site scripting.

This vulnerability was named CVE-2026-35009. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More