Malicious proposal can drain the treasury contract and bypass the gscAllowance[token] check
Lines of code Vulnerability details Impact Malicious proposal can drain the treasury contract and bypass the gscAllowancetoken check Proof of Concept See this two function: function gscSpend address token, uint256 amount, address destination external onlyRoleGSCCOREVOTINGROLE nonReentrant if...