[MEDIUM] Magento Open Source allows XML Injection

PKSA-mdth-chdg-v9sw CVE-2023-29289 GHSA-wh42-8r2w-873x

Affected package: magento/community-edition

Affected version: >=2.4.4-p1,<2.4.4-p4|>=2.4.5-p1,<2.4.5-p3|=2.4.4|=2.4.5|=2.4.6

Reported by:
GitHub