Magento Commerce is designed to provide a best-in-class shopping experience without the need for developer support.A cross-site request forgery vulnerability exists in Adobe Magento Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier, and 2.3.7p1 and earlier. The vulnerability stems from a program that does not adequately validate the source of HTTP requests. A remote attacker could use this vulnerability to trick a victim user into visiting a specially crafted web page and perform arbitrary actions while impersonating the victim.