[HIGH] Magento affected by remote code execution via a file upload

PKSA-v8mk-r9pr-d7y4 CVE-2021-36034 GHSA-j46h-qjjv-cxfj

Affected package: magento/community-edition

Affected version: <2.3.7-p1|=2.3.7|>=2.4.2-p1,<2.4.2-p2|=2.4.2

Reported by:
GitHub