[MEDIUM] Magento Open Source allows Incorrect Authorization

PKSA-4sd4-zdhg-q6p3 CVE-2023-29290 GHSA-qw5m-vmp3-f553

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub