Please do not report security vulnerabilities through public GitHub issues.

Instead, please e-mail [email protected] with the following details:

• Type of issue (e.g. SQL injection, cross-site scripting, etc.)
• Full paths of source code file(s) related to the manifestation of the issue
• The location of the affected source code (tag, branch, commit or direct URL)
• Any non-standard configuration required to reproduce the issue
• Step-by-step instructions of how to reproduce the issue
• Proof-of-concept or exploit code (if possible)
• Impact of the issue, including how an attacker could exploit the issue
• Magento or Adobe Commerce version
• PHP version

Note: Please verify if the issue is reproducible in a new Magento or Adobe Commerce environment without any extensions installed and with only default configurations.