[HIGH] AVideo Affected by Stored XSS via Unescaped Video Title in CDN downloadButtons.php

PKSA-7zcq-fgdd-9176 CVE-2026-33295 GHSA-gc3m-4mcr-h3pv

Affected package: wwbn/avideo

Affected version: <=25.0

Reported by:
GitHub