Kenun99

**Name of the Vulnerable Software and Affected Versions** EOSIO batdappboomx version v327c04cf **Description** The issue concerns an Access-control vulnerability in the `transfer` function of the smart contract. This vulnerability allows remote attackers to win cryptocurrency without paying the ticket fee by exploiting the `std::string memo` parameter. **Recommendations** For EOSIO batdappboomx version v327c04cf, consider disabling the `transfer` function until a patch is available to prevent exploitation. Restrict access to the `std::string memo` parameter in the affected smart contract to minimize the risk of unauthorized cryptocurrency wins.