[MEDIUM] Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies

PKSA-jcpc-gqzs-vckj CVE-2021-28556 GHSA-39ch-rg26-gmq5

Affected package: magento/project-community-edition

Affected version: <=2.0.2

Reported by:
GitHub