Open Redirect

github.com/eolinker/apinto-dashboard is vulnerable to open redirects. A malicious user is able to redirect the victim to a malicious site via a malicious URL injected through the /login file due to the use of argument callback functionality...

Depositor can reenter contract on claim creation

Handle kenzo Vulnerability details This finding is almost identical to my previous finding "Claimer can reenter contract on claim creation", but in this scenario, the depositor can reenter via Depositors' safeMint function. When depositing, Depositors is minting the token using safeMint, which wi...