CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Colorbox Project: >> Colorbox Security Vulnerabilities

CVE-2025-3900

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Colorbox allows Cross-Site Scripting (XSS).This issue affects Colorbox: from 0.0.0 before 2.1.3.

CVSS Score

6.1

EPSS Score

0.0

Published

2025-04-23

CVE-2015-7881

The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and "add unexpected content to a Colorbox" via unspecified vectors, possibly related to a link in a comment.

CVSS Score

3.5

EPSS Score

0.001

Published

2015-10-26

Page 1

Vulnerabilities

Vulnerable Software

Colorbox Project: >> Colorbox Security Vulnerabilities

Products

Pricing

Contact Us