[MEDIUM] Magento Open Source allows SQL Injection

PKSA-397d-r1wd-gxct CVE-2023-38221 GHSA-ggr8-3hwx-4f2m

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub