[HIGH] Shopware: Unauthenticated data extraction possible through store-api.order endpoint

PKSA-1d39-xhww-sgwf CVE-2026-31887 GHSA-7vvp-j573-5584

Affected package: shopware/core

Affected version: <6.6.10.15|>=6.7.0.0,<6.7.8.1

Reported by:
GitHub