[MEDIUM] Magento Insecure Direct Object Reference (IDOR) in the product module

PKSA-tw4y-fk6r-w8j9 CVE-2021-21022 GHSA-8pfq-g48p-x7w8

Affected package: magento/community-edition

Affected version: >=2.4.0,<2.4.1-p1|<2.3.6-p1

Reported by:
GitHub