Tag
WWBN AVideo versions 29.0 and below are vulnerable to Server-Side Request Forgery (SSRF) due to an insufficient hostname check in the `isSSRFSafeURL()` function, allowing attackers to reach arbitrary ports on the AVideo server and exfiltrate data.