CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33296

WWBN AVideo is an open source video platform. Prior to version 26.0, WWBN/AVideo contains an open redirect vulnerability in the login flow where a user-supplied redirectUri parameter is reflected directly into a JavaScript `document.location` assignment without JavaScript-safe encoding. After a user completes the login popup flow, a timer callback executes the redirect using the unvalidated value, sending the victim to an attacker-controlled site. Version 26.0 fixes the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.3%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2026-33296

Wwbn » Avideo » Version: N/A

cpe:2.3:a:wwbn:avideo:-
Wwbn » Avideo » Version: 10.1

cpe:2.3:a:wwbn:avideo:10.1
Wwbn » Avideo » Version: 10.2

cpe:2.3:a:wwbn:avideo:10.2
Wwbn » Avideo » Version: 10.4

cpe:2.3:a:wwbn:avideo:10.4
Wwbn » Avideo » Version: 10.8

cpe:2.3:a:wwbn:avideo:10.8
Wwbn » Avideo » Version: 11

cpe:2.3:a:wwbn:avideo:11
Wwbn » Avideo » Version: 11.1

cpe:2.3:a:wwbn:avideo:11.1
Wwbn » Avideo » Version: 11.1.1

cpe:2.3:a:wwbn:avideo:11.1.1
Wwbn » Avideo » Version: 11.5

cpe:2.3:a:wwbn:avideo:11.5
Wwbn » Avideo » Version: 11.6

cpe:2.3:a:wwbn:avideo:11.6
Wwbn » Avideo » Version: 12.4

cpe:2.3:a:wwbn:avideo:12.4
Wwbn » Avideo » Version: 14.2

cpe:2.3:a:wwbn:avideo:14.2
Wwbn » Avideo » Version: 14.3

cpe:2.3:a:wwbn:avideo:14.3
Wwbn » Avideo » Version: 14.3.1

cpe:2.3:a:wwbn:avideo:14.3.1
Wwbn » Avideo » Version: 14.4

cpe:2.3:a:wwbn:avideo:14.4
Wwbn » Avideo » Version: 2.2

cpe:2.3:a:wwbn:avideo:2.2
Wwbn » Avideo » Version: 2.4

cpe:2.3:a:wwbn:avideo:2.4
Wwbn » Avideo » Version: 2.7

cpe:2.3:a:wwbn:avideo:2.7
Wwbn » Avideo » Version: 3.4

cpe:2.3:a:wwbn:avideo:3.4
Wwbn » Avideo » Version: 3.4.1

cpe:2.3:a:wwbn:avideo:3.4.1
Wwbn » Avideo » Version: 4.0

cpe:2.3:a:wwbn:avideo:4.0
Wwbn » Avideo » Version: 4.0.1

cpe:2.3:a:wwbn:avideo:4.0.1
Wwbn » Avideo » Version: 4.0.2

cpe:2.3:a:wwbn:avideo:4.0.2
Wwbn » Avideo » Version: 5.0

cpe:2.3:a:wwbn:avideo:5.0
Wwbn » Avideo » Version: 6.5

cpe:2.3:a:wwbn:avideo:6.5
Wwbn » Avideo » Version: 7.2

cpe:2.3:a:wwbn:avideo:7.2
Wwbn » Avideo » Version: 7.3

cpe:2.3:a:wwbn:avideo:7.3
Wwbn » Avideo » Version: 7.4

cpe:2.3:a:wwbn:avideo:7.4
Wwbn » Avideo » Version: 7.5

cpe:2.3:a:wwbn:avideo:7.5
Wwbn » Avideo » Version: 7.6

cpe:2.3:a:wwbn:avideo:7.6
Wwbn » Avideo » Version: 7.7

cpe:2.3:a:wwbn:avideo:7.7
Wwbn » Avideo » Version: 7.8

cpe:2.3:a:wwbn:avideo:7.8
Wwbn » Avideo » Version: 8.1

cpe:2.3:a:wwbn:avideo:8.1
Wwbn » Avideo » Version: 8.5

cpe:2.3:a:wwbn:avideo:8.5
Wwbn » Avideo » Version: 8.6

cpe:2.3:a:wwbn:avideo:8.6
Wwbn » Avideo » Version: 8.7

cpe:2.3:a:wwbn:avideo:8.7
Wwbn » Avideo » Version: 8.9

cpe:2.3:a:wwbn:avideo:8.9
Wwbn » Avideo » Version: 8.9.1

cpe:2.3:a:wwbn:avideo:8.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33296

Products

Pricing

Contact Us