CVE-2026-35010 | openises tickets up to 3.44.1 URL patient_JF.php ticket_id cross site scripting

Inserito da Angelo Barbosa | Mag 20, 2026 | CVE

A vulnerability, which was classified as problematic, was found in openises tickets up to 3.44.1. The impacted element is an unknown function of the file patient_JF.php of the component URL Handler. Executing a manipulation of the argument ticket_id can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-35010. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.

CVE-2026-35010 | openises tickets up to 3.44.1 URL patient_JF.php ticket_id cross site scripting

Post correlati

CVE-2024-24450 | OpenAirInterface CN5G AMF up to 2.0.0 ngap_handle_pdu_session_resource_setup_response buffer overflow

CVE-2025-40677 | Summar Portal del Empleado 3.98.0 POST Request quienesquien.aspx ctl00$ContentPlaceHolder1$filtroNombre sql injection

CVE-2024-8046 | Logo Showcase Ultimate PLugin up to 1.4.1 on WordPress SVG File Upload cross site scripting

CVE-2023-49587 | SAP Solution Manager 720 command injection