[MEDIUM] AVideo vulnerable to Stored XSS via html_entity_decode() Reversing xss_esc() Sanitization in Channel About Field

PKSA-cx3j-v85y-y9tv CVE-2026-33683 GHSA-ghx5-7jjg-q2j7

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub