Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the process that fetches quoted, root, or thread context messages, which bypasses the sender allowlist. An attacker can access message content from unauthorized...