[MEDIUM] Magento Open Source allows Incorrect Authorization

PKSA-wdj5-zdxc-xvxp CVE-2023-29290 GHSA-qw5m-vmp3-f553

Affected package: magento/community-edition

Affected version: >=2.4.4-p1,<2.4.4-p4|>=2.4.5-p1,<2.4.5-p3|=2.4.4|=2.4.5|=2.4.6

Reported by:
GitHub