Cross-site Request Forgery (CSRF)
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the manual OAuth login flow. An attacker can cause credential substitution by convincing a user to paste attacker-controlled OAuth callback data,...