Colorbox Project Colorbox — known CVE vulnerabilities
Every CVE whose affected-product data names Colorbox Project Colorbox, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-3900 — CVSS 6.1 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Colorbox allows Cross-Site…
CVE-2015-7881 — CVSS 3.5 (low): The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access…