Open redirect in OpenClaw - #VU135891
Published: June 30, 2026
OpenClaw
Detailed vulnerability description
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to url redirection to an untrusted site in the MCP SSE feature when handling redirects that forward Authorization headers. A remote user can trigger a crafted redirect path to disclose sensitive information.
Only instances where the affected feature is enabled and reachable are vulnerable.