[MEDIUM] AVideo - Incomplete Fix for CVE-2026-27568: Stored XSS via Markdown `javascript:` URI Bypasses ParsedownSafeWithLinks Sanitization

PKSA-fjmv-8jwk-wtsg CVE-2026-33500 GHSA-72h5-39r7-r26j

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub