anyone can call onERC721Received
Handle paulius.eth Vulnerability details Impact function onERC721Received does not authorize a caller thus anyone can add a new NFT passing arbitrary values to nftContract and tokenId even if they do not send the actual NFT. Recommended Mitigation Steps Authorize the caller depending on the...