The HybridAuth Social Login module 7.x-2.x before 7.x-2.13 for Drupal allows remote attackers to bypass the user registration by administrator only configuration and create an account via a social login.Referenceshttps://www.drupal.org/node/2511200http://www.openwall.com/lists/oss-security/2015/07/04/4https://www.drupal.org/node/2511410http://www.securityfocus.com/bid/75412
