[MEDIUM] AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr()

PKSA-x77f-z8vb-hbfr CVE-2026-33690 GHSA-8p2x-5cpm-qrqw

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub