CVE-2026-35011 | openises tickets up to 3.44.1 URL opena.php frm_call cross site scripting

Inserito da Angelo Barbosa | Mag 20, 2026 | CVE

A vulnerability has been found in openises tickets up to 3.44.1 and classified as problematic. This affects an unknown function of the file opena.php of the component URL Handler. The manipulation of the argument frm_call leads to cross site scripting.

This vulnerability is referenced as CVE-2026-35011. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-35011 | openises tickets up to 3.44.1 URL opena.php frm_call cross site scripting

Post correlati

CVE-2024-35234 | Discourse up to 3.2.2/3.3.0.beta2 Meta Tag cross site scripting (GHSA-5chg-hm8c-wc58)

CVE-2025-21533 | Oracle VM VirtualBox up to 7.0.23/7.1.5 Core improper authorization

CVE-2025-10325 | Wavlink WL-WN578W2 221110 /cgi-bin/login.cgi sub_401340 ipaddr command injection

CVE-2023-49528 | FFmpeg 6.1-3-g466799d4f5 de_stereo af_dialoguenhance.c denial of service (ID 10691)