The InteractionLogic.collect function does not check if the collector already collected the publication.
They can be collected several times by the same collector.
Recommended Mitigation Steps
Ensure that the caller has not already collected the pubId.
Lines of code
https://github.com/code-423n4/2022-02-aave-lens/blob/aaf6c116345f3647e11a35010f28e3b90e7b4862/contracts/libraries/InteractionLogic.sol#L97
Vulnerability details
Impact
The
InteractionLogic.collect
function does not check if the collector already collected the publication. They can be collected several times by the same collector.Recommended Mitigation Steps
Ensure that the caller has not already collected the
pubId
.