Reentrancy via fallback in cross-chain settlement adapter

An unchecked external call in a widely deployed settlement adapter allows attacker-controlled tokens to re-enter and double-spend settlement messages. Patched in v2.4.7.