Technology & Science

GHSA-C4QG-J8JG-42Q5: GHSA-C4QG-J8JG-42Q5: Server-Side Request Forgery in OpenClaw QQBot Extension

CVE Reports·Dev.to·3h ago·1 min read

GHSA-C4QG-J8JG-42Q5: GHSA-C4QG-J8JG-42Q5: Server-Side Request Forgery in OpenClaw QQBot Extension

CVE Reports·Dev.to·3h ago · Sunday, April 26, 2026·1 min read

GHSA-C4QG-J8JG-42Q5: Server-Side Request Forgery in OpenClaw QQBot Extension Vulnerability ID: GHSA-C4QG-J8JG-42Q5 CVSS Score: Low Published: 2026-04-25 The OpenClaw platform contains a Server-Side Request Forgery (SSRF) vulnerability within its QQBot extension. The application fails to validate external media URLs before relaying them to the QQ Open Platform API. This flaw allows an attacker

Continue reading on Dev.to

This article was sourced from Dev.to's RSS feed. Visit the original for the complete story.

Read full article