function listAnchor sets _isCurated to true but does not update the curatedPoolCount and does not emit the Curated event. I don't see this curatedPoolCount variable used anywhere so probably it's just needed for the frontend consumption.
Recommended Mitigation Steps
I think the best solution would be to replace _isCurated[token] = true; with a call to a function curatePool. It also skips if the same anchor is listed twice.
Handle
paulius.eth
Vulnerability details
Impact
function listAnchor sets _isCurated to true but does not update the curatedPoolCount and does not emit the Curated event. I don't see this curatedPoolCount variable used anywhere so probably it's just needed for the frontend consumption.
Recommended Mitigation Steps
I think the best solution would be to replace _isCurated[token] = true; with a call to a function curatePool. It also skips if the same anchor is listed twice.