[MEDIUM] AVideo has Unauthenticated Information Disclosure of User Group Permission Mappings via Permissions Plugin

PKSA-93k3-9zdh-zky7 CVE-2026-33501 GHSA-96qp-8cmq-jvq8

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub