[MEDIUM] AVideo has Stored Cross-Site Scripting via Markdown Comment Injection

PKSA-zj1v-1r3y-vnpg CVE-2026-27568 GHSA-rcqw-6466-3mv7

Affected version: <21.0

Reported by:
GitHub