Security Advisories - PKSA-x76v-gf6x-15jx - Packagist

PKSA-x76v-gf6x-15jx Security Advisory

[MEDIUM] Magento Improper Access Control leads to Security feature bypass

PKSA-x76v-gf6x-15jx CVE-2025-27191 GHSA-vhcq-4xrm-2cr2

Affected package: magento/community-edition

Affected version: =2.4.7|=2.4.6|=2.4.4|=2.4.5|>=2.4.8-beta1,<2.4.8-beta2|<2.4.4-p13|>=2.4.5-p1,<2.4.5-p12|>=2.4.6-p1,<2.4.6-p10|>=2.4.7-beta1,<2.4.7-p5

Reported by:
GitHub