CVE-2026-36748 | RockRMS up to 16.13/17.7.0 User Profile cross site scripting

Inserito da Angelo Barbosa | Giu 3, 2026 | CVE

A vulnerability was found in RockRMS up to 16.13/17.7.0. It has been classified as problematic. Affected by this issue is some unknown functionality of the component User Profile Handler. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2026-36748. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-36748 | RockRMS up to 16.13/17.7.0 User Profile cross site scripting

Post correlati

CVE-2024-28194 | Yooooomi your_spotify up to 1.7.x JSON Web Token hard-coded credentials (GHSA-gvcr-g265-j827)

CVE-2025-9782 | TOTOLINK A702R 4.0.0-B20211108.1423 formOneKeyAccessButton sub_4466F8 submit-url buffer overflow

CVE-2025-24598 | brandtoss WP Mailster Plugin up to 1.8.17.0 on WordPress cross site scripting

CVE-2026-3838 | Unraid 6.8.0/7.0.0/7.0.1 Request Path path traversal