← Back

CVE-2015-7881

nvd nist
Published: Oct 26, 2015Modified: May 6, 2026

JSON object

Loading...
3.5
Vector
AV:N/AC:M/Au:S/C:N/I:P/A:N
Exploitability: 6.8 / Impact: 2.9
Source: NVD

Description

The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and "add unexpected content to a Colorbox" via unspecified vectors, possibly related to a link in a comment.

Affected (10)

Colorbox Project
1 product
Colorbox
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Colorbox Project
Colorbox
Version 7.x-2.0
Colorbox
Version 7.x-2.1
Colorbox
Version 7.x-2.2
Colorbox
Version 7.x-2.3
Colorbox
Version 7.x-2.4
Colorbox
Version 7.x-2.5
Colorbox
Version 7.x-2.6
Colorbox
Version 7.x-2.7
Colorbox
Version 7.x-2.8
Colorbox
Version 7.x-2.9

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

Source: cve@mitre.org
Patch
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.