CVE-2023-29297 code commit with magento 2.4.4p4 && magento 2.4.4p2

[yihang861]

Description

Hi Bro,
I found an Adobe Security Bulletin .
https://helpx.adobe.com/security/products/magento/apsb23-35.html.
for Cross-site Scripting (Stored XSS) (CWE-79).
I cannot found the code commit with this issue.
May I know the CVE-2023-29297 details with the code change different magento2.4.4p2 and magento2.4.4p4 ?
or can any one send the git link about this?
tks.

Expected behavior

CVE-2023-29297 code change detail diffenent magento2.4.4p2 with magento 2.4.4p4

Benefits

No response

Additional information

No response

Release note

No response

[m2-assistant]

Hi @yihang861. Thank you for your report.
To speed up processing of this issue, make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce. To deploy vanilla Magento instance on our environment, Add a comment to the issue:

• @magento give me 2.4-develop instance - upcoming 2.4.x release
• For more details, review the Magento Contributor Assistant documentation.
• Add a comment to assign the issue: @magento I am working on this
• To learn more about issue processing workflow, refer to the Code Contributions.

---

Join Magento Community Engineering Slack and ask your questions in #github channel.
⚠️ According to the Magento Contribution requirements, all issues must go through the Community Contributions Triage process. Community Contributions Triage is a public meeting.
🕙 You can find the schedule on the Magento Community Calendar page.
📞 The triage of issues happens in the queue order. If you want to speed up the delivery of your contribution, join the Community Contributions Triage session to discuss the appropriate ticket.

[engcom-Bravo]

Hi @yihang861,

Thanks for your reporting and collaboration.

Please go through with this document https://helpx.adobe.com/in/security/products/magento/apsb23-35.html and you will get the details.Here the forum for tackle magento core issues.

Hence we are closing this issue.

Thanks.