CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8493

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Colorbox Inline allows Cross-Site Scripting (XSS). This issue affects Colorbox Inline: from 0.0.0 before 2.1.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.8%

CVSS Severity

CVSS v3 Score 5.4

References

https://www.drupal.org/sa-contrib-2026-036

Products affected by CVE-2026-8493

Colorbox Inline Project » Colorbox Inline » Version: 1.0

cpe:2.3:a:colorbox_inline_project:colorbox_inline:1.0
Colorbox Inline Project » Colorbox Inline » Version: 1.1

cpe:2.3:a:colorbox_inline_project:colorbox_inline:1.1
Colorbox Inline Project » Colorbox Inline » Version: 1.2

cpe:2.3:a:colorbox_inline_project:colorbox_inline:1.2
Colorbox Inline Project » Colorbox Inline » Version: 2.0.0

cpe:2.3:a:colorbox_inline_project:colorbox_inline:2.0.0
Colorbox Inline Project » Colorbox Inline » Version: 2.0.1

cpe:2.3:a:colorbox_inline_project:colorbox_inline:2.0.1
Colorbox Inline Project » Colorbox Inline » Version: 2.1.0

cpe:2.3:a:colorbox_inline_project:colorbox_inline:2.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8493

Products

Pricing

Contact Us