[MEDIUM] Magento Open Source allows SQL Injection

PKSA-qg8c-sscf-zdxj CVE-2023-38249 GHSA-rq36-9f5f-2gw7

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub