Security Advisories - PKSA-w3p3-6vqg-qcmr - Packagist

PKSA-w3p3-6vqg-qcmr Security Advisory

[MEDIUM] Magento Improper Authorization vulnerability

PKSA-w3p3-6vqg-qcmr CVE-2025-27188 GHSA-rr2g-rrjj-xw86

Affected package: magento/community-edition

Affected version: >=2.4.8-beta1,<2.4.8|=2.4.7|>=2.4.7-p1,<2.4.7-p5|>=2.4.6-p1,<2.4.6-p10|>=2.4.5-p1,<2.4.5-p12|=2.4.6|=2.4.5|=2.4.4|<2.4.4-p13

Reported by:
GitHub