Mojira Archive
WEB-997

Skin Change API Endpoint also changes skins of unmigrated accounts

The bug

The API endpoint for changing player skins allows the user to change their skin without migration, which neither the Minecraft Launcher nor the browser allows.

How to reproduce

  1. Get an authentication bearer of an unmigrated account from Yggdrasil
  2. Send a POST request to Minecraft's skin API – the server will return 204 and change the account's skin even though it is unmigrated

I've written a Java class using Apache HTTPComponents and JSON-java for changing the skin of an account via this API endpoint. If you have access to an unmigrated Minecraft account, you can use this class to reproduce this issue. – [Mod] bemoty

Won't Fix

Kevin Brewster

2018-03-09, 09:01 PM

2021-11-16, 03:25 PM

2021-11-16, 03:25 PM
