CVE-2026-36748

Blog Archive Tag

The Exploit: Penetration Testing Insights From The Frontlines

CVE-2026-36748

Raxis Discovered Vulnerabilities, Exploits, In The News, Web Apps

CVE-2026-36748: XSS in Rock RMS Leads to Privilege Escalation
By Jason Taylor Raxis Lead Pentester Jason Taylor recently discovered CVE-2026-36748, a high-risk XSS vulnerability in Rock RMS that allows privilege escalation to admin. June 1, 2026

2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA

+1 678.421.4544