onlyEOA modifier can be bypassed and leads to loss of user funds(Openzeppelin removed isContract function check)
Lines of code Vulnerability details Impact The onlyEOA modifier is extensively used in L1 as well as L2 smart contracts. It is designed to restict certain operations to Externally Owned accountEOA. However, the vulnerability exist that may allow the malicious contract to bypass this restriction...