Security Advisories - PKSA-vk2g-xd67-4rwx - Packagist

PKSA-vk2g-xd67-4rwx Security Advisory

[CRITICAL] Magento has an XML Injection vulnerability

PKSA-vk2g-xd67-4rwx CVE-2021-36028 GHSA-5pjj-7fq8-9gpf

Affected package: magento/community-edition

Affected version: =2.4.2|>=2.4.2-p1,<2.4.2-p2|=2.3.7|<2.3.7-p1

Reported by:
GitHub