[HIGH] Magento stored cross-site scripting (XSS) in the customer address upload feature

PKSA-7rd2-y8tt-4pxt CVE-2021-21030 GHSA-6988-g89m-27vf

Affected package: magento/community-edition

Affected version: >=2.4.0,<2.4.1-p1|<2.3.6

Reported by:
GitHub