The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and "add unexpected content to a Colorbox" via unspecified vectors, possibly related to a link in a comment.
Credit:
The information has been provided by znerol.
Vulnerable Systems:
* Colorbox module 7.x-2.x before 7.x-2.10
Immune Systems:
* Colorbox module 7.x-2.x after 7.x-2.10
The Colorbox module for Drupal is prone to an access-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions.