[MEDIUM] Shopware: Privilege Escalation via Sync API Integration Admin Flag Bypass

PKSA-b8bq-4ngt-d89p CVE-2026-48008 GHSA-gv8p-48fr-4fxg

Affected package: shopware/platform

Affected version: <6.6.10.18|>=6.7.0.0,<6.7.10.1

Reported by:
GitHub