Function Call With Incorrect Variable or Reference as Argument
| Property | Value |
|---|---|
| Language | solidity |
| Severity | |
| CWE | CWE-688: Function Call With Incorrect Variable or Reference as Argument |
| Confidence Level | Medium |
| Impact Level | High |
| Likelihood Level | High |
Description
The `from` parameter is used incorrectly when the function reads the `_allowances` mapping, so the allowance is verified for the wrong address. This can allow unauthorized token burns or prevent valid burns from occurring.
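The following added example (not taken from the rule page or from any audited contract) shows one form this flaw can take next to the corrected check. It assumes an OpenZeppelin-style `_allowances[owner][spender]` layout; the contract name `BurnableTokenExample` and the functions `burnFromVulnerable` and `burnFromFixed` are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed minimal token for illustration; not a complete ERC-20.
contract BurnableTokenExample {
    mapping(address => uint256) private _balances;
    // Assumed layout: owner => spender => remaining allowance
    mapping(address => mapping(address => uint256)) private _allowances;
    uint256 private _totalSupply;

    constructor(uint256 initialSupply) {
        _balances[msg.sender] = initialSupply;
        _totalSupply = initialSupply;
    }

    function approve(address spender, uint256 amount) external returns (bool) {
        _allowances[msg.sender][spender] = amount;
        return true;
    }

    // FLAWED: owner and spender are swapped in the lookup, so the check reads
    // an allowance that `from` never granted to the caller. Depending on what
    // that slot holds, an unapproved burn passes or an approved burn reverts.
    function burnFromVulnerable(address from, uint256 amount) external {
        uint256 allowed = _allowances[msg.sender][from]; // wrong address pair
        require(allowed >= amount, "burn exceeds allowance");
        _allowances[msg.sender][from] = allowed - amount;
        _burn(from, amount);
    }

    // FIXED: the allowance checked and decremented is the one the debited
    // account (`from`) granted to the caller (`msg.sender`).
    function burnFromFixed(address from, uint256 amount) external {
        uint256 allowed = _allowances[from][msg.sender];
        require(allowed >= amount, "burn exceeds allowance");
        _allowances[from][msg.sender] = allowed - amount;
        _burn(from, amount);
    }

    function _burn(address from, uint256 amount) internal {
        require(_balances[from] >= amount, "burn exceeds balance");
        _balances[from] -= amount;
        _totalSupply -= amount;
    }
}
```

When reviewing a finding from this rule, confirm that every `_allowances` read and write in the burn path uses the debited account as the first key and the caller as the second.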
Impact
If exploited, attackers could burn tokens from accounts without proper approval or bypass intended permission checks, potentially leading to loss of user funds and undermining trust in the token contract.