CVE-2026-48230 | openises Tickets up to 3.44.1 ticketsmdb_import.php cross site scripting

A vulnerability has been found in openises Tickets up to 3.44.1 and classified as problematic. The impacted element is an unknown function of the file ticketsmdb_import.php. This manipulation of the argument mdbhost/mdbdb/mdbuser/mdbpassword/mdbprefix/ticketshost/ticketsdb/ticketsuser/ticketspassword/ticketsprefix causes cross site scripting.

This vulnerability appears as CVE-2026-48230. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2026-48230 | openises Tickets up to 3.44.1 ticketsmdb_import.php cross site scripting

Post correlati

CVE-2024-47358 | Popup Maker Plugin up to 1.19.2 on WordPress authorization

CVE-2026-7737 | osrg GoBGP up to 4.3.0 BMP Parser pkg/packet/bmp/bmp.go out-of-bounds

CVE-2025-69647 | GNU Binutils up to 2.45.1 DWARF Parser denial of service

CVE-2025-26819 | Monero up to 0.18.3.4 allocation of resources