[MEDIUM] Storefront user can access history and most viewed data from matching back-office user with the same ID

PKSA-xms8-dtv5-ztwd CVE-2023-48296 GHSA-v7px-46v9-5qwp

Affected version: >=5.1.0,<=5.1.3|>=5.0.0,<=5.0.11|>=4.2.0,<=4.2.10|>=4.1.0,<=4.1.13

Reported by:
GitHub

[MEDIUM] OroCommerce Customer Portal Incorrect Customer and Customer Group Frontend Menus pages visibility

PKSA-5ddy-25vh-b9qz CVE-2023-32064 GHSA-8gwj-68w6-7v6c

Affected version: >=5.1.0,<5.1.1|>=5.0.0,<5.0.11|>=4.2.0,<=4.2.8

Reported by:
GitHub