Open code423n4 opened 3 years ago
pauliax
Function rescueToken in CvxStakingProxy should validate that _to is not empty (0x0) so tokens will not be lost (burned). Function setStakingContract in CvxLocker should validate that _staking is not empty.
Consider implementing suggested validations.
Handle
pauliax
Vulnerability details
Impact
Function rescueToken in CvxStakingProxy should validate that _to is not empty (0x0) so tokens will not be lost (burned). Function setStakingContract in CvxLocker should validate that _staking is not empty.
Recommended Mitigation Steps
Consider implementing suggested validations.