CVE-2026-36748

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score

9.0 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H                                    

RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile.

Published Date

June 03, 2026

Last Modified

June 04, 2026

CWE ID

CWE-79

Source

NVD