code-423n4 / 2022-01-openleverage-findings


Use of tx.origin in ControllerV1.sol #60

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

jayjonah8

Vulnerability details

Impact

In ControllerV1.sol, tx.origin is used in the updatePriceAllowed() function. tx.origin is a global variable in Solidity which returns the address of the account that sent the transaction. Using the variable could make a contract vulnerable if an authorized account calls into a malicious contract.

Proof of Concept

https://github.com/code-423n4/2022-01-openleverage/blob/main/openleverage-contracts/contracts/ControllerV1.sol#L163

https://swcregistry.io/docs/SWC-115

Tools Used

Manual code review

Recommended Mitigation Steps

It's recommended to use msg.sender instead.

ColaM12 commented 2 years ago

Did not find any risk on this issue, but it can be improved by passing the sender from OpenLeverage.sol. Recommended severity: "0 (Non-Critical)"

0xleastwood commented 2 years ago

There is no poc provided so I don't see why this should be medium. Agree with sponsor and will mark as non-critical.
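The three authorization patterns discussed in this thread side by side, as an added illustration that is not the OpenLeverage code: the tx.origin check the warden flags (SWC-115), the msg.sender check the warden recommends, and the sponsor's alternative of having the calling contract forward its own msg.sender as an explicit parameter. All contract names, the admin/priceAllowed state and the exact function signatures are hypothetical stand-ins; the real ControllerV1.sol line is at the link in the report and is not reproduced here.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration of the patterns discussed in the finding. Contract names,
// state variables and signatures are hypothetical, not OpenLeverage's code.

// Pattern 1: authorization via tx.origin (the SWC-115 anti-pattern).
// tx.origin is always the externally owned account that signed the transaction,
// so the check also passes when that account's call reaches this contract via
// any intermediate contract. It cannot distinguish "admin called me directly"
// from "admin called some other contract, which then called me".
contract ControllerTxOrigin {
    address public admin;
    mapping(address => bool) public priceAllowed;

    constructor() { admin = msg.sender; }

    function updatePriceAllowed(address market, bool allowed) external {
        require(tx.origin == admin, "not admin"); // weak check, see above
        priceAllowed[market] = allowed;
    }
}

// Pattern 2: the warden's recommendation, authorization via msg.sender.
// msg.sender is the immediate caller, so only a call made directly by the
// admin address passes; a call routed through another contract is rejected.
contract ControllerMsgSender {
    address public admin;
    mapping(address => bool) public priceAllowed;

    constructor() { admin = msg.sender; }

    function updatePriceAllowed(address market, bool allowed) external {
        require(msg.sender == admin, "not admin");
        priceAllowed[market] = allowed;
    }
}

// Pattern 3: the sponsor's suggestion. The controller accepts calls only from
// one trusted contract (OpenLeverage.sol in the original), and that contract
// forwards its own msg.sender as a parameter. The controller checks both the
// immediate caller and the forwarded sender; tx.origin is never consulted.
contract ControllerForwardedSender {
    address public admin;
    address public openLev; // trusted caller, set once after deployment
    mapping(address => bool) public priceAllowed;

    constructor() { admin = msg.sender; }

    // One-time wiring of the trusted caller; only the admin may set it.
    function setOpenLev(address _openLev) external {
        require(msg.sender == admin, "not admin");
        require(openLev == address(0), "already set");
        openLev = _openLev;
    }

    function updatePriceAllowed(address sender, address market, bool allowed) external {
        require(msg.sender == openLev, "only OpenLev"); // immediate caller
        require(sender == admin, "not admin");          // forwarded caller
        priceAllowed[market] = allowed;
    }
}

contract OpenLevForwarding {
    ControllerForwardedSender public immutable controller;

    constructor(ControllerForwardedSender c) { controller = c; }

    function updatePriceAllowed(address market, bool allowed) external {
        // Forward the immediate caller, never tx.origin, so the controller
        // sees exactly who invoked this entry point.
        controller.updatePriceAllowed(msg.sender, market, allowed);
    }
}
```

Deployment order for pattern 3 is controller first, then OpenLevForwarding with the controller's address, then setOpenLev on the controller. With that wiring, the admin calling OpenLevForwarding directly passes both checks, while the admin's call arriving through any other contract fails the forwarded-sender check, which is the behaviour the finding asks for.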