[MEDIUM] WWBN AVideo: Unauthenticated Reflected XSS via $_GET['search'] in AVideo YouTubeAPI Gallery Pagination

PKSA-s76b-xf2h-zmsc CVE-2026-50182 GHSA-hgjh-6wj8-gcgf

Affected package: wwbn/avideo

Affected version: <=29.0

Reported by:
GitHub