[CRITICAL] Magento has an XML Injection vulnerability

PKSA-py55-xtc9-n1vr CVE-2021-36028 GHSA-5pjj-7fq8-9gpf

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub