EPSS
Percentile
33.8%
@solana/pay adopts a weak transfer logic. It doesn’t properly check if a transaction is valid Solana Pay transfer, ending up validating multiple transfers.
github.com/solana-labs/solana-pay/blob/master/core/src/validateTransfer.ts
github.com/solana-labs/solana-pay/blob/master/SPEC.md#reference
github.com/solana-labs/solana-pay/commit/ac6ce0d0a81137700874a8bf5a7caac3be999fad
github.com/solana-labs/solana-pay/security/advisories/GHSA-j47c-j42c-mwqq