CVE-2026-33764
Received Received - Intake
Insecure Direct Object Reference in WWBN AVideo AI Plugin

Publication date: 2026-03-27

Last updated on: 2026-03-31

Assigner: GitHub, Inc.

Description
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's `save.json.php` endpoint loads AI response objects using an attacker-controlled `$_REQUEST['id']` parameter without validating that the AI response belongs to the specified video. An authenticated user with AI permissions can reference any AI response ID β€” including those generated for other users' private videos β€” and apply the stolen AI-generated content (titles, descriptions, keywords, summaries, or full transcriptions) to their own video, effectively exfiltrating the information. Commit aa2c46a806960a0006105df47765913394eec142 contains a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-27
Last Modified
2026-03-31
Generated
2026-06-16
AI Q&A
2026-03-27
EPSS Evaluated
2026-06-14
NVD
CVE-2026-33764
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wwbn avideo to 26.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-33764 is an Insecure Direct Object Reference (IDOR) vulnerability in the AI plugin of the WWBN AVideo platform. The vulnerability occurs in the `save.json.php` endpoint, where an authenticated user with AI permissions can supply an attacker-controlled parameter to load AI-generated metadata or transcription responses without verifying that these responses belong to the specified video.

Specifically, the code checks if the user can edit the target video but then loads AI response objects based on a separate user-controlled ID parameter without validating ownership. This allows an attacker to reference AI response IDs generated for other users' private videos and apply the stolen AI-generated contentβ€”such as titles, descriptions, keywords, summaries, or full transcriptionsβ€”to their own videos.

This effectively enables exfiltration of private AI-generated content from other users' videos without accessing the original video files.

Impact Analysis

This vulnerability can lead to a confidentiality breach by allowing attackers to steal AI-generated metadata and full transcriptions of private videos.

  • Attackers can exfiltrate titles, descriptions, keywords, summaries, and content ratings from private videos.
  • Full spoken content can be revealed through stolen VTT subtitle transcriptions.
  • The attack requires low complexity and only low privilegesβ€”any authenticated user with AI permissions and at least one editable video can exploit it.
  • The vulnerability allows trivial enumeration of AI response IDs to harvest AI-generated content platform-wide.
Detection Guidance

This vulnerability can be detected by checking if an authenticated user with AI permissions can access or apply AI-generated metadata or transcriptions from videos they do not own by manipulating the `id` parameter in requests to the `save.json.php` endpoint of the AI plugin.

A practical detection method involves attempting to enumerate AI response IDs (which are sequential integers) and sending requests that specify these IDs along with the user's own editable video ID to see if AI-generated content from other users' private videos can be retrieved or applied.

Example commands (conceptual) to test this behavior include sending HTTP POST requests to the `save.json.php` endpoint with parameters like `id` set to different AI response IDs and `videos_id` set to the attacker's video ID, then observing if metadata or transcription content from other users is applied or returned.

Mitigation Strategies

Immediate mitigation involves applying the patch that enforces ownership validation of AI responses in the `save.json.php` endpoint.

  • Modify the code to load the parent AI response record after loading an AI metatag or transcription response.
  • Verify that the video ID associated with the parent AI response matches the video ID specified in the request.
  • If the video IDs do not match, deny access by returning a forbidden error, preventing unauthorized association or exfiltration of AI-generated content.

This fix is implemented in commit aa2c46a806960a0006105df47765913394eec142 and should be applied promptly to prevent exploitation.

Compliance Impact

The vulnerability allows authenticated users with AI permissions to exfiltrate AI-generated metadata and full transcriptions from private videos belonging to other users. This results in unauthorized disclosure of potentially sensitive or private information.

Such unauthorized access and exposure of private user data could lead to non-compliance with data protection regulations like GDPR or HIPAA, which require strict controls on access to personal or sensitive information and mandate protection against unauthorized disclosure.

Because the vulnerability enables confidentiality breaches through improper authorization checks, organizations using affected versions of WWBN AVideo may face risks related to regulatory compliance concerning data privacy and confidentiality.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33764. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart