[LOW] Magento Open Source allows XML Injection

PKSA-ct4k-m4vs-nphf CVE-2023-38207 GHSA-rpv2-g4pc-wp72

Affected package: magento/community-edition

Affected version: >=2.4.4-p1,<2.4.4-p5|>=2.4.5-p1,<2.4.5-p4|=2.4.6-p1|=2.4.4|=2.4.5|=2.4.6

Reported by:
GitHub