Anyone Can Arbitrarily Call FSDVesting.updateVestedTokens()
Handle leastwood Vulnerability details Impact The updateVestedTokens function is intended to be called by the FSD.sol contract when updating a user's vested token amount. A check is performed to ensure that user == beneficiary, however, as user is a user controlled argument, it is possible to spo...