GHSA-j4xf-96qf-rx69
Severity: LOW (CVSS 2.5)
Published: Mar 3, 2026
Verified by: gemini-3.1-flash-lite-preview
Description
OpenClaw has a Feishu allowFrom authorization bypass via display-name collision
How AI Introduced This
The application relied on mutable display names for authorization checks, allowing attackers to spoof authorized users by setting their display name to match an entry in the allowlist.
Causality Analysis
Status: CONFIRMED (commit 2267d58afcc7)
- Vulnerability: Authorization Bypass
- Root Cause: The application relied on mutable display names for authorization checks, allowing attackers to spoof authorized users by setting their display name to match an entry in the allowlist.
- Pattern: resolveFeishuAllowlistMatch({ senderName: ctx.senderName })
- Causal Chain: The initial implementation (blamed commit) designed the authorization logic to use `senderName` as the primary identifier for allowlist matching, creating the vulnerability where mutable display names could be spoofed to bypass authorization.
- Reasoning: The blamed commit introduced the initial implementation of the Feishu bot, which established the vulnerable pattern of relying solely on `senderName` for authorization checks in `resolveFeishuAllowlistMatch`. The fix commit later had to introduce `senderUserId` to provide a secure, immutable identifier for authorization, confirming that the original design lacked this necessary check.
Verified by gemini-3.1-flash-lite-preview
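The following is an added illustration, not OpenClaw's code or the project's actual fix: it places the name-only allowlist check the analysis describes beside an id-based check, and adds a defender-side helper that flags the exact collision condition (allowlisted display name, non-allowlisted user id). The interface, function names, allowlist values and sample messages are all constructed for this example.

```typescript
// Added example (not OpenClaw's code). All names, ids and messages below are
// constructed; the real Feishu identifier format is not assumed here.

interface InboundMessage {
  senderName: string;   // display name: user-editable, so attacker-controlled
  senderUserId: string; // assumed to be a stable, platform-assigned identifier
  text: string;
}

// Constructed allowlist: the same operator expressed both ways.
const ALLOW_FROM_NAMES: string[] = ["Alice Ops"];
const ALLOW_FROM_USER_IDS: string[] = ["user-id-alice-0001"]; // placeholder id

// Vulnerable pattern (mirrors the senderName-only check from the analysis):
// any account that renames itself to "Alice Ops" matches the allowlist.
function isAllowedByDisplayName(msg: InboundMessage): boolean {
  return ALLOW_FROM_NAMES.includes(msg.senderName.trim());
}

// Hardened pattern: the decision depends only on the platform-assigned id;
// the display name plays no part in authorization.
function isAllowedByUserId(msg: InboundMessage): boolean {
  return ALLOW_FROM_USER_IDS.includes(msg.senderUserId);
}

// Detection aid for a deployment migrating off name-based allowlists: true when
// the display name would have passed but the user id does not, i.e. the
// display-name collision the advisory describes.
function isDisplayNameCollision(msg: InboundMessage): boolean {
  return isAllowedByDisplayName(msg) && !isAllowedByUserId(msg);
}

// Constructed messages: the legitimate operator, and a different account that
// has set its display name to the allowlisted one.
const legitimate: InboundMessage = {
  senderName: "Alice Ops",
  senderUserId: "user-id-alice-0001",
  text: "status",
};
const renamedAccount: InboundMessage = {
  senderName: "Alice Ops",
  senderUserId: "user-id-other-9999",
  text: "status",
};

// Combined decision used by the (hypothetical) bot: authorize on id only, and
// surface the collision so operators can review the renamed account.
function authorize(msg: InboundMessage): { allowed: boolean; collision: boolean } {
  return { allowed: isAllowedByUserId(msg), collision: isDisplayNameCollision(msg) };
}

console.log(authorize(legitimate));     // allowed: true,  collision: false
console.log(authorize(renamedAccount)); // allowed: false, collision: true
```

The point of keeping `isAllowedByDisplayName` around in the hardened version is only for the collision check: it never feeds the `allowed` result, so a name match on its own grants nothing, but it does give the operator a log signal when someone adopts an allowlisted name.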
AI Signal Details
AI Signals in 2267d58
- Claude Code, co-author trailer: Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> (95%)
Bug-Introducing Commits (1)
- 2267d58 (AI): feat(feishu): replace built-in SDK with community plugin
  Author: Yifeng Wang, Feb 5, 2026. File: extensions/feishu/src/bot.ts. Blame: 90%