[HIGH] AVideo affected by Session Hijacking via Unauthenticated Session ID Disclosure with Permissive CORS

PKSA-pcdx-pg9p-v4gz CVE-2026-33043 GHSA-qc3p-398r-p59j

Affected package: wwbn/avideo

Affected version: <=25.0

Reported by:
GitHub