GHSA-hg7g-56h5-5pqr: CAPTCHA Bypass in WWBN/AVideo via Attacker-Controlled Length Parameter and Missing Token Invalidation on Failure

April 14, 2026

This advisory has been withdrawn.

References

github.com/WWBN/AVideo
github.com/WWBN/AVideo/commit/bf1c76989e6a9054be4f0eb009d68f0f2464b453
github.com/WWBN/AVideo/security/advisories/GHSA-hg7g-56h5-5pqr
github.com/advisories/GHSA-hg7g-56h5-5pqr

Code Behaviors & Features

Detect and mitigate GHSA-hg7g-56h5-5pqr with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →