The ERC20 token standard is widely used by blockchian companies and startups to raise money doing crowdsales nowadays. But some of this token contracts (some of them very popular) don't have a refund token function implemented, it means that if a token holder for some unknown reason wants to send that tokens to another token contract he wont be able to recover his tokens.
Seems to me that this has to be changed, since it it a standard it should allow the sending and recovering of tokens between contracts that use that standard. this bug doesn't affect contract security, but if you send tokens to a contract that don't support the standard, you will lose them. So basically if you send tokens from ERC20_TOKEN_A -> ERC20_TOKEN_B you will loose your tokens.
Source:
~~~ embed:ethereum/comments/60ql37/attention_be_careful_using_ethereum_tokens/ reddit metadata:fGV0aGVyZXVtfGh0dHBzOi8vd3d3LnJlZGRpdC5jb20vci9ldGhlcmV1bS9jb21tZW50cy82MHFsMzcvYXR0ZW50aW9uX2JlX2NhcmVmdWxfdXNpbmdfZXRoZXJldW1fdG9rZW5zL3w= ~~~