Proof of Concept:
=================
The vulnerability can be exploited by a remote attacker without required user interaction. For demonstration or reproduce ...

Required for Exploitation:
[+] Tamper Data or other live tamper software
[+] Web browser like Mozilla Firefox, IE9 or Chrome
[+] A random registered Skype user account to get a non-expired session

Exploitation Technique(s):
[+] Bypass the Skype Recovery Page (request tamper) to New Pass or Reset
[+] Bypass token protection via a non-empty value with positive value(s) to match
[+] Hold the request via tamper and include own values to set up the new password

Next Step(s):
[+] Decode captcha & send automatic value(s) -> Account Service (Remote Exploit)

Reference(s):
[+] https://login.skype.com/account/password-automation

Video (PoC Demo):
[+] http://www.youtube.com/watch?v=RPTEaJftNw0

In the advisory, the researcher explains the next step for (multiple) remote resets in Skype by an automatic script/routine (exploit).