CVE-2019-18642 — CVSS 9.8 (critical): Rock RMS version before 8.6 is vulnerable to account takeover by tampering with the user ID parameter in the profile update feature. The…
CVE-2019-18643 — CVSS 9.8 (critical): Rock RMS versions before 8.10 and versions 9.0 through 9.3 fails to properly validate files uploaded in the application. The only…