CVE-2021-36030
Magento Commerce before 2.4.2-p1 and 2.3.7 (and earlier 2.4.2) contain an improper input validation flaw during checkout that can let an unauthenticated attacker alter item prices. This is documented across multiple sources (NVD entry CVE-2021-36030, GHSA/RHFF-65HP-55RW, OSV, and related advisori...