[HIGH] AVideo has Authenticated Server-Side Request Forgery via downloadURL in aVideoEncoder.json.php

PKSA-mpqq-rw7h-r6qr CVE-2026-27732 GHSA-h39h-7cvg-q7j6

Affected package: wwbn/avideo

Affected version: <=21.0.0

Reported by:
GitHub