PKSA-njqv-gp7y-zc74 Security Advisory
-
[MEDIUM] Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API
PKSA-njqv-gp7y-zc74 CVE-2021-21027 GHSA-h4xc-577p-hgj9
Affected package: magento/community-edition
Affected version: >=2.4.0,<2.4.2|<2.3.6-p1
Reported by:
GitHub