Lowfrangio

**Name of the Vulnerable Software and Affected Versions** OpenZeppelin Contracts versions prior to 4.7.2 **Description** The issue affects contracts using the cross chain utilities for Arbitrum L2, specifically `CrossChainEnabledArbitrumL2` or `LibArbitrumL2`. These contracts classify direct interactions of externally owned accounts (EOAs) as cross chain calls, even though they are not started on L1. The severity of this issue is assessed as low because any action taken by an EOA on the contract could also be taken by the EOA through the bridge if the issue was not present. **Recommendations** For versions prior to 4.7.2, upgrade to version 4.7.2 to resolve the issue. As a temporary workaround, consider restricting the use of `CrossChainEnabledArbitrumL2` and `LibArbitrumL2` until the upgrade is applied.