Missing Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization via sandbox-browser-entrypoint.sh. An attacker can gain unauthorized access to VNC observer sessions by connecting to the noVNC service, which is exposed without...