A critical vulnerability allows teachers to bypass review limits, enabling infinite review for students due to non increase in review counts.
giveReview()
function, The contract fails to increment reviewCount[_student]
after each review, rendering the 5-review limit ineffective:
🚨 System violates core "5-review" business rule
🚨 Unlimited reviews
Manual code analysis
increase review count for the student after each review
`reviewCount` for students is not updated after each review session
`reviewCount` for students is not updated after each review session
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.