Improper Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Authorization via the slash-command handler. An attacker can execute privileged commands by sending direct messages to the bot, bypassing intended allowlist or access-group...