Closed code423n4 closed 1 year ago
https://github.com/ProjectOpenSea/opensea-creatures/blob/165d4fe6a90532a7a913b76ef33bfbfc9624c878/contracts/ERC721Tradable.sol#L89
the function isApprovedForAll(address owner, address operator) is using msg.sender as the address of the user instead of the address that is passed as the owner parameter, this might cause some issues on the code.
this is against the wrong repo!
HAHAHA
HickupHH3 marked the issue as unsatisfactory: Out of scope
Lines of code
https://github.com/ProjectOpenSea/opensea-creatures/blob/165d4fe6a90532a7a913b76ef33bfbfc9624c878/contracts/ERC721Tradable.sol#L89
Vulnerability details
Impact
the function isApprovedForAll(address owner, address operator) is using msg.sender as the address of the user instead of the address that is passed as the owner parameter, this might cause some issues on the code.