Home » Database

AVID-2026-R0241

Description

OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection (CVE-2026-27009)

Details

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a atored XSS issue in the OpenClaw Control UI when rendering assistant identity (name/avatar) into an inline <script> tag without script-context-safe escaping. A crafted value containing </script> could break out of the script tag and execute attacker-controlled JavaScript in the Control UI origin. Version 2026.2.15 removed inline script injection and serve bootstrap config from a JSON endpoint and added a restrictive Content Security Policy for the Control UI (script-src 'self', no inline scripts).

References

Affected or Relevant Artifacts

  • Developer: openclaw
  • Deployer: openclaw
  • Artifact Details:
TypeName
Systemopenclaw

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version3.1
Vector StringCVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
Base Score5.8
Base Severity🟠 Medium
Attack VectorLOCAL
Attack Complexity🟢 Low
Privileges Required🔴 High
User InteractionREQUIRED
ScopeUNCHANGED
Confidentiality Impact🔴 High
Integrity Impact🔴 High
Availability ImpactNONE

CWE

IDDescription
CWE-79CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2026-02-19
  • Version: 0.3.2
  • AVID Entry