[MEDIUM] Unauthenticated Reflected XSS via innerHTML in AVideo

PKSA-qj1g-pbwp-h996 CVE-2026-33035 GHSA-wfq5-qgqp-hvhv

Affected package: wwbn/avideo

Affected version: <=25.0

Reported by:
GitHub