[MEDIUM] Magento Improper Authorization vulnerability in the customers module

PKSA-98vv-8nyb-ffc5 CVE-2021-28567 GHSA-cc3w-r3w8-hfh7

Affected package: magento/community-edition

Affected version: <2.3.7|>=2.4.0,<2.4.2-p1

Reported by:
GitHub