2 matches found
CVE-2026-33763
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the getapivideopasswordiscorrect API endpoint allows any unauthenticated user to verify whether a given password is correct for any password-protected video. The endpoint returns a boolean passwordIsCorrect field...
CVE-2026-33763
CVE-2026-33763 affects WWBN AVideo up to version 26.0. The vulnerability is in the get_api_video_password_is_correct endpoint, which allows any unauthenticated user to verify whether a video password is correct for any password‑protected video. The endpoint returns a boolean passwordIsCorrect wit...