CVE-2025-34441

7.5HIGH

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabli

发布于: 12/17/2025更新于: 12/19/2025
在NVD查看在MITRE查看

描述

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabling user enumeration and privacy violations.

AI分析AI驱动

受影响产品

wwbnavideo

参考资料