[MEDIUM] Shopware 6 allows attackers to check for registered accounts through the store-api

PKSA-dbxn-psgm-2qmr CVE-2025-30150 GHSA-hh7j-6x3q-f52h

Affected package: shopware/core

Affected version: <6.5.8.17|>=6.7.0.0-rc1,<6.7.0.0-rc2|>=6.6.0.0,<6.6.10.3

Reported by:
GitHub