PT-2026-20792 · Openclaw · Openclaw

Adam55A-Code

·

Published

2026-02-18

·

Updated

2026-03-01

·

CVE-2026-27009

CVSS v3.1

5.8

Medium

Vector

AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.15
Description: A stored Cross-Site Scripting (XSS) issue exists in the OpenClaw Control UI when rendering assistant identity (name/avatar) into an inline <script> tag without proper escaping. A crafted value containing </script> could allow an attacker to break out of the script tag and execute arbitrary JavaScript in the Control UI origin. The issue stemmed from directly injecting assistantName and assistantAvatar into an inline <script> block using JSON.stringify(...). JSON.stringify escapes quotes and backslashes but leaves < and > untouched, and the HTML tokenizer ends a script element at the first </script sequence it encounters, whether or not that sequence sits inside a JavaScript string literal, so the rest of the value is parsed as HTML and any <script> it contains runs in the Control UI origin. An attacker with the ability to set assistant identity values could therefore steal tokens or sessions and perform privileged actions in the UI.
Recommendations: Versions prior to 2026.2.15 should be updated to version 2026.2.15 or later. This update removes inline script injection, serves bootstrap configuration from a JSON endpoint, and adds a restrictive Content Security Policy for the Control UI (script-src 'self', no inline scripts). Until the update is applied, treat the ability to set assistant identity values as equivalent to script execution in the Control UI origin and restrict it accordingly.
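The breakout and the two ways of closing it, as an added example written for this page rather than code taken from OpenClaw. It renders the same kind of inline bootstrap script the description refers to, shows with a small model of the HTML tokenizer why JSON.stringify alone is not enough, and then contrasts an escaped inline script with the no-inline-script plus JSON endpoint plus CSP approach the advisory credits to 2026.2.15. Every function name, the __BOOTSTRAP__ global, the /app.js and /bootstrap.json paths, the CSP directives other than script-src 'self', and the sample values are assumptions made here, not OpenClaw's.

```javascript
// Added example (not OpenClaw's code): JSON-encoding assistant identity into
// an inline <script> lets a "</script" sequence break out. Names such as
// renderInlineBootstrap*, __BOOTSTRAP__, /app.js and the sample values are
// constructed for illustration.

// Vulnerable pattern. JSON.stringify escapes quotes and backslashes but not
// "<" or ">", and the HTML tokenizer ends a script element at the first
// "</script" it sees, whatever JavaScript string that sequence sits in.
function renderInlineBootstrapUnsafe(assistantName, assistantAvatar) {
  const cfg = { assistantName, assistantAvatar };
  return '<!doctype html><html><body>\n' +
    '<script>window.__BOOTSTRAP__ = ' + JSON.stringify(cfg) + ';</script>\n' +
    '<script src="/app.js"></script>\n' +
    '</body></html>';
}

// Mitigation 1: keep the inline script but encode the characters the HTML
// parser reacts to as JSON \uXXXX escapes. The output is still valid JSON and
// valid JavaScript, and the tokenizer never encounters "</script".
function jsonForInlineScript(value) {
  return JSON.stringify(value)
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026');
}

function renderInlineBootstrapEscaped(assistantName, assistantAvatar) {
  const cfg = { assistantName, assistantAvatar };
  return '<!doctype html><html><body>\n' +
    '<script>window.__BOOTSTRAP__ = ' + jsonForInlineScript(cfg) + ';</script>\n' +
    '<script src="/app.js"></script>\n' +
    '</body></html>';
}

// Mitigation 2, the shape the advisory attributes to 2026.2.15: no inline
// script at all. The page references only same-origin scripts, the client
// fetches its configuration as application/json, and a CSP refuses inline
// script even if another sink turns up. script-src 'self' is the directive the
// advisory names; the other directives are ordinary hardening added here.
const CONTROL_UI_CSP =
  "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'";

function renderBootstrapPage() {
  return {
    headers: {
      'Content-Type': 'text/html; charset=utf-8',
      'Content-Security-Policy': CONTROL_UI_CSP,
    },
    body: '<!doctype html><html><body>\n<script src="/app.js"></script>\n</body></html>',
  };
}

function bootstrapJsonResponse(assistantName, assistantAvatar) {
  return {
    headers: {
      'Content-Type': 'application/json; charset=utf-8',
      'X-Content-Type-Options': 'nosniff',
    },
    body: JSON.stringify({ assistantName, assistantAvatar }),
  };
}

// Minimal model of the tokenizer's script-data state: for each <script ...>
// start tag, the element body runs to the next "</script" (ASCII
// case-insensitive). Returns the bodies a browser would execute, in order.
function scriptBodies(html) {
  const bodies = [];
  const open = /<script\b[^>]*>/gi;
  let m;
  while ((m = open.exec(html)) !== null) {
    const bodyStart = m.index + m[0].length;
    const rest = html.slice(bodyStart);
    const close = rest.search(/<\/script/i);
    bodies.push(close === -1 ? rest : rest.slice(0, close));
    open.lastIndex = close === -1 ? html.length : bodyStart + close;
  }
  return bodies;
}

// Runs an inline bootstrap body against a stand-in window object so the
// round-trip of the escaped JSON can be checked outside a browser.
function evaluateInlineBootstrap(body) {
  const fakeWindow = {};
  new Function('window', body)(fakeWindow);
  return fakeWindow.__BOOTSTRAP__;
}

// Constructed payload: closes the bootstrap script early and opens a new one.
const PAYLOAD = '</script><script>alert(document.cookie)</script>';
const AVATAR = 'https://example.invalid/avatar.png';

function demo() {
  return {
    unsafe: scriptBodies(renderInlineBootstrapUnsafe(PAYLOAD, AVATAR)),
    escaped: scriptBodies(renderInlineBootstrapEscaped(PAYLOAD, AVATAR)),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(demo());
}
```

Run as-is with Node: the unsafe rendering yields three script bodies, the second of which is the attacker's alert(document.cookie) on its own, while the escaped rendering yields the expected two and still evaluates to the original assistant name. Mitigation 1 is the fix for a page that must keep its inline script; mitigation 2 removes the sink entirely, and the CSP is defence in depth against any other inline injection rather than a substitute for escaping at the remaining sinks.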

Exploit

Fix

XSS


Weakness Enumeration

Related Identifiers

CVE-2026-27009
GHSA-37GC-85XM-2WW6

Affected Products

Openclaw