Security Advisories - PKSA-8xbp-3ytm-qmsr - Packagist

PKSA-8xbp-3ytm-qmsr Security Advisory

[MEDIUM] Magento Improper Access Control leads to Security feature bypass

PKSA-8xbp-3ytm-qmsr CVE-2025-27190 GHSA-6wq7-cg9h-mj6q

Affected package: magento/community-edition

Affected version: =2.4.7|=2.4.6|=2.4.4|=2.4.5|>=2.4.8-beta1,<2.4.8-beta2|<2.4.4-p13|>=2.4.5-p1,<2.4.5-p12|>=2.4.6-p1,<2.4.6-p10|>=2.4.7-beta1,<2.4.7-p5

Reported by:
GitHub