[MEDIUM] Magento Open Source allows Cross-Site Request Forgery (CSRF)

PKSA-6y86-wy76-rrg6 CVE-2024-20718 GHSA-hqgj-4396-hmxv

Affected package: magento/community-edition

Affected version: >=2.4.4-p1,<2.4.4-p7|>=2.4.5-p1,<2.4.5-p6|>=2.4.6-p1,<2.4.6-p4|=2.4.4|=2.4.5|=2.4.6

Reported by:
GitHub