[MEDIUM] Magento observable timing discrepancy vulnerability

PKSA-sgbm-w22w-8y5q CVE-2020-9690 GHSA-xgp9-j48h-jjf9

Affected package: magento/community-edition

Affected version: <2.3.5-p2

Reported by:
GitHub