Improper Authentication
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Authentication via the authorizeCanvasRequest function. An attacker can gain unauthorized access to HTTP and WebSocket endpoints by sending local-direct loopback requests that...