SYM_SOL_0034 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Function Call With Incorrect Variable or Reference as Argument
Property | Value |
---|---|
Language | solidity |
Severity | |
CWE | CWE-688: Function Call With Incorrect Variable or Reference as Argument |
Confidence Level | Medium |
Impact Level | High |
Likelihood Level | High |
Description
The 'from' parameter is incorrectly checked in the _allowances mapping, meaning the function verifies allowances for the wrong address. This can allow unauthorized token burns or prevent valid burns from occurring.
Impact
If exploited, attackers could burn tokens from accounts without proper approval or bypass intended permission checks, potentially leading to loss of user funds and undermining trust in the token contract.
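The mis-keyed allowance check from the Description, shown beside its corrected form. This is an added example, not code from the rule or from any contract the database references; the contract name, the function names and the `_allowances[owner][spender]` key order (the usual ERC-20 convention) are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed minimal token for illustration; not a complete ERC-20.
contract AllowanceBurnExample {
    mapping(address => uint256) private _balances;
    // Assumed convention (ERC-20 style): _allowances[owner][spender]
    mapping(address => mapping(address => uint256)) private _allowances;
    uint256 public totalSupply;

    constructor(uint256 initialSupply) {
        _balances[msg.sender] = initialSupply;
        totalSupply = initialSupply;
    }

    function approve(address spender, uint256 amount) external returns (bool) {
        _allowances[msg.sender][spender] = amount;
        return true;
    }

    function balanceOf(address account) external view returns (uint256) {
        return _balances[account];
    }

    // FLAWED: the mapping keys are swapped. The check reads the entry where
    // the caller is the owner and `from` is the spender, so it says nothing
    // about whether `from` approved the caller. A spender that `from` really
    // approved has its allowance stored under the other key order and reverts.
    function burnFromFlawed(address from, uint256 amount) external {
        uint256 allowed = _allowances[msg.sender][from];
        require(allowed >= amount, "burn exceeds allowance");
        _allowances[msg.sender][from] = allowed - amount;
        _burn(from, amount);
    }

    // CORRECTED: `from` is the owner key and the caller is the spender key.
    function burnFrom(address from, uint256 amount) external {
        uint256 allowed = _allowances[from][msg.sender];
        require(allowed >= amount, "burn exceeds allowance");
        _allowances[from][msg.sender] = allowed - amount;
        _burn(from, amount);
    }

    function _burn(address from, uint256 amount) private {
        require(_balances[from] >= amount, "burn exceeds balance");
        _balances[from] -= amount;
        totalSupply -= amount;
    }
}
```

When reviewing a finding from this rule, compare the key order in every `_allowances` read and write inside the function against the order used in `approve`.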