[MEDIUM] Magento Open Source allows Cross-Site Request Forgery (CSRF)

PKSA-sqnp-kpv9-3k99 CVE-2021-39864 GHSA-94wq-87g6-8h77

Affected package: magento/community-edition

Affected version: =2.4.2|<=2.3.7-p1|=2.4.3|>=2.4.2-p1,<=2.4.2-p2

Reported by:
GitHub