Security Advisories - wwbn/avideo - Packagist

wwbn/avideo Security Advisories for 11.1.1 (6)

WWBN AVideo command injection vulnerability

CVE-2023-32073

Affected version: <=12.4

Reported by:
GitHub
WWBN/AVideo stored XSS vulnerability leads to takeover of any user's account, including admin's account

CVE-2023-30860

Affected version: <12.4

Reported by:
GitHub
Remote code injection in wwbn/avideo

CVE-2023-30854

Affected version: <12.4

Reported by:
GitHub
Cross site scripting (XSS) in wwbn/avideo

Affected version: <12.4

Reported by:
GitHub
AVideo contains Command injection when embedding a video link

CVE-2023-25313

Affected version: <12.4

Reported by:
GitHub
Open redirect in wwbn/avideo

CVE-2022-27463

Affected version: <=11.6

Reported by:
GitHub