VYPR

Vendor CVEs

Openises

All CVEs

55 total · sorted by risk
  • CVE-2026-35011MedMay 20, 2026
    risk 0.23cvss 4.6epss 0.00

    Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in opena.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm_call GET parameter directly into page output. Attackers can…

  • CVE-2026-35010MedMay 20, 2026
    risk 0.23cvss 4.6epss 0.00

    Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient_JF.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a JavaScript variable…

  • CVE-2026-35009MedMay 20, 2026
    risk 0.23cvss 4.6epss 0.00

    Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_note.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a hidden input field VALUE…

  • CVE-2026-35008MedMay 20, 2026
    risk 0.23cvss 4.6epss 0.00

    Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into an HTML attribute. Attackers…

  • CVE-2026-35007MedMay 20, 2026
    risk 0.23cvss 4.6epss 0.00

    Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single_unit.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id GET parameter directly into an HTML attribute. Attackers…

Page 2 of 2