Re-Entrancy Attack in PermissionlessBasicPoolFactory
Lines of code Vulnerability details Impact Since, the state change of pool.rewardFunding is taking place after the ERC20.transferFrom function, and since there is no whitelist of ERC20 tokens, therefore, it is very much possible that a malicious ERC20 contract can initiate a re-entrancy attack fr...