Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the messagereaction function. An attacker can inject unauthorized system events by sending crafted Telegram reactions, bypassing configured DM or group...