[MEDIUM] Magento Improper Access Control leads to security feature bypass

PKSA-frp2-4m6z-72bk CVE-2025-27206 GHSA-g2pj-xmxq-3r9q

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub