Arbitrary code can be run with Controller as msg.sender
Lines of code Vulnerability details Impact A malicious user can call Controller's operate with ActionType.QTokenPermit, providing a precooked contract address as qToken, that will be called by Controller contract with IQTokenqToken.permit, which implementation can be arbitrary as long as IQToken...