CVE-2013-1924

The CVE-2013-1924 vulnerability affects the Commerce Skrill (Formerly Moneybookers) contributed module for Drupal, with an access bypass in the IPN processing that could allow forged notifications to be accepted. It affects all versions prior to 7.x-1.2; Drupal core is not affected. The fix is to...