Open hats-bug-reporter[bot] opened 3 months ago
Github username: -- Twitter username: -- Submission hash (on-chain): 0x749c8109e462847ce6acdb7ffca9665e3d736718d24a3205f92f9590c48f648f Severity: medium
Description: Description\ Like LM_PC_Bounties_v1.updateClaimContributors and LM_PC_Bounties_v1.addClaim, LM_PC_Bounties_v1.updateClaimDetails should use onlyModuleRole(CLAIMANT_ROLE) modifier, but it doesnt
onlyModuleRole(CLAIMANT_ROLE)
Attack Scenario\ _claimRegistry[claimId].details can be updated by anyone
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)
Line 398: onlyModuleRole(CLAIMANT_ROLE)
Github username: -- Twitter username: -- Submission hash (on-chain): 0x749c8109e462847ce6acdb7ffca9665e3d736718d24a3205f92f9590c48f648f Severity: medium
Description: Description\ Like LM_PC_Bounties_v1.updateClaimContributors and LM_PC_Bounties_v1.addClaim, LM_PC_Bounties_v1.updateClaimDetails should use
onlyModuleRole(CLAIMANT_ROLE)
modifier, but it doesntAttack Scenario\ _claimRegistry[claimId].details can be updated by anyone
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)