CVE-2026-35015
Reflected XSS in Open ISES Tickets

Publication date: 2026-05-20

Last updated on: 2026-05-20

Assigner: VulnCheck

Description
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in do_unit_mail.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the the_ticket GET parameter directly into a JavaScript variable assignment. Attackers can craft a malicious URL containing a JavaScript payload in the the_ticket parameter that executes in the victim's browser when the URL is visited.
Meta Information
Generated: 2026-05-21
AI Q&A: 2026-05-20
EPSS Evaluated: N/A
Affected Vendors & Products
Currently, no data is known.
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
How can this vulnerability impact me?

This vulnerability can allow attackers to execute arbitrary JavaScript in the context of a victim's browser. This can lead to unauthorized actions such as stealing session cookies, performing actions on behalf of the user, or redirecting the user to malicious sites. Since the attacker must be authenticated, the risk is somewhat limited, but it still poses a medium severity threat as indicated by the CVSS score of 5.1.


Can you explain this vulnerability to me?

CVE-2026-35015 is a reflected cross-site scripting (XSS) vulnerability found in Open ISES Tickets versions before 3.44.2, specifically in the do_unit_mail.php file. It occurs because the 'the_ticket' GET parameter is not properly sanitized before being inserted into a JavaScript variable. This allows an authenticated attacker to craft a malicious URL containing arbitrary JavaScript code that executes in the victim's browser when the URL is visited.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying attempts to access the do_unit_mail.php page with the 'the_ticket' GET parameter containing suspicious or malicious JavaScript code.

You can monitor web server logs or use network traffic inspection tools to look for URLs matching the pattern: do_unit_mail.php?the_ticket= followed by JavaScript payloads.

  • Use grep or similar commands on web server logs to find suspicious requests, for example: grep 'do_unit_mail.php?the_ticket=' /var/log/apache2/access.log
  • Use a web vulnerability scanner or proxy tool to test the do_unit_mail.php endpoint by injecting JavaScript payloads in the the_ticket parameter and observing whether the payload executes.
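
As an added defender-side example (not code from the advisory or from the Open ISES Tickets project), the log check described above as a Python script run over constructed Apache combined-format access-log lines. The endpoint and parameter name come from the advisory; the log format, the sample entries and the set of "breakout" characters treated as suspicious are assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Apache/nginx combined log format (assumed): client, identd, user, [timestamp], "METHOD target HTTP/x", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Characters that can terminate a JavaScript string/assignment or open a tag, plus the
# javascript: scheme. Assumption: a legitimate ticket reference never contains any of these.
JS_BREAKOUT = re.compile(r"""[<>"'\\;(){}]|javascript:""", re.IGNORECASE)


def check_request(target: str):
    """Return the decoded the_ticket value if `target` hits do_unit_mail.php with a
    suspicious value, otherwise None. Decodes a second time to catch double-encoding."""
    parts = urlsplit(target)
    if parts.path.rsplit("/", 1)[-1] != "do_unit_mail.php":
        return None
    for value in parse_qs(parts.query, keep_blank_values=True).get("the_ticket", []):
        decoded = unquote(value)  # parse_qs already decoded once; second pass unwraps %25xx
        if JS_BREAKOUT.search(decoded):
            return decoded
    return None


def suspicious_ticket_requests(lines):
    """Scan log lines and return (client_ip, timestamp, decoded_value) for each hit."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:  # malformed or non-access-log line: skip
            continue
        value = check_request(m.group("target"))
        if value is not None:
            hits.append((m.group("ip"), m.group("ts"), value))
    return hits


# Constructed sample log lines (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LOG = [
    '198.51.100.20 - - [20/May/2026:10:14:02 +0000] "GET /tickets/do_unit_mail.php?the_ticket=10423 HTTP/1.1" 200 1532 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [20/May/2026:10:15:31 +0000] "GET /tickets/do_unit_mail.php?the_ticket=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 1540 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [20/May/2026:10:15:44 +0000] "GET /tickets/do_unit_mail.php?the_ticket=%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1" 200 1540 "-" "Mozilla/5.0"',
    '198.51.100.21 - - [20/May/2026:10:16:10 +0000] "GET /tickets/other.php?the_ticket=%3Cb%3E HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    'not an access log line',
]

if __name__ == "__main__":
    for ip, ts, value in suspicious_ticket_requests(SAMPLE_LOG):
        print(f"{ts} {ip} the_ticket={value!r}")
```

Only the the_ticket parameter of do_unit_mail.php is inspected; the same value on any other path is ignored so the check stays specific to this advisory.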

What immediate steps should I take to mitigate this vulnerability?

The immediate step to mitigate this vulnerability is to upgrade Open ISES Tickets to version 3.44.2 or later, where the issue has been fixed.

Until the upgrade is applied, restrict access to the vulnerable do_unit_mail.php page to trusted users only, and consider implementing web application firewall (WAF) rules to block requests containing suspicious JavaScript in the the_ticket parameter.

