[MEDIUM] Magento Open Source allows Cross-Site Request Forgery (CSRF)

PKSA-f81b-kr8n-1cqx CVE-2021-39864 GHSA-94wq-87g6-8h77

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub