Cross-site Request Forgery (CSRF)
Overview @gitlawb/openclaude is an OpenClaude opens coding-agent workflows to any LLM — OpenAI, Gemini, DeepSeek, Ollama, and 200+ models Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the callback process. An attacker can cause the local server to shu...