CVE-2025-34438
Summary: CVE-2025-34438 affects AVideo versions prior to 20.1. It is an insecure direct object reference (IDOR) where users with upload permissions can modify the rotation metadata of arbitrary videos because the endpoint verifies upload capability but fails to enforce ownership/administrative ri...