[MEDIUM] Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API

PKSA-nr3b-gd6w-ssxv CVE-2021-21027 GHSA-h4xc-577p-hgj9

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub