[CRITICAL] WWBN AVideo YPTSocket WebSocket Broadcast Relay Leads to Unauthenticated Cross-User JavaScript Execution via Client-Side eval() Sinks

PKSA-zr2c-vrf1-x6qy GHSA-gph2-j4c9-vhhr

Affected package: wwbn/avideo

Affected version: <=29.0

Reported by:
GitHub