GHSA-WFM2-RQ5G-F8V5 @account-kit/smart-contracts Allowlist Module Bypass Vulnerability
Summary Allowlist module contains a bypass vulnerability Details The logic for using an allowlist on a Modular Account V2 contained a bug that allowed session keys to bypass any allowlist configuration Action If you are using @aa-sdk and/or @account-kit/smart-contracts between the versions of...