Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When having a trigger covering URLs or an Indicator genreated from an URL Observable, URL is clickable in the notification or the description #6657

Closed
SamuelHassine opened this issue Apr 10, 2024 · 2 comments · Fixed by #8591
Closed

When having a trigger covering URLs or an Indicator genreated from an URL Observable, URL is clickable in the notification or the description #6657

SamuelHassine opened this issue Apr 10, 2024 · 2 comments · Fixed by #8591
Assignees
@Kedae
Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR) ui for scope limited to UI change
Milestone
Release 6.3.6

Comments

@SamuelHassine
Copy link
Member

Description

When having a trigger covering URLs, URL is clickable in the notification

This can be malicious!

image

=> In the notification content, continue to parse markdown, but put an exception on URL automatic parsing.
@SamuelHassine SamuelHassine added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Apr 10, 2024
@nino-filigran nino-filigran removed the needs triage use to identify issue needing triage from Filigran Product team label Apr 11, 2024
@nino-filigran
Copy link

Even though there's a confirmation pop up that appears when trying to click on the URL, it seems indeed safer to avoid making it clickable and instead let the user copy/pasting the url if the user wishes to navigate to the url.

Pop up:
image

@SamuelHassine SamuelHassine added this to the Release 6.1.0 milestone Apr 12, 2024
@Kedae Kedae self-assigned this Apr 17, 2024
@rguignard
Copy link

Same security issue with "default descriptions" associated to indicators created from the option "Create an indicator from this observable".
Example: Create an observable of type "Domain" with a value like "www.mydomain.com" and select "Create an indicator from this observable". On the newly created indicator, the value of the domain is clickable in the description.

opencti/opencti-platform/opencti-graphql/src/domain/stixCyberObservable.js

Line 136 in 5a85a82

: `Simple indicator of observable {${indicatorName}}`,

I think it would be better to delete this default description.

@Jipegien Jipegien changed the title When having a trigger covering URLs, URL is clickable in the notification When having a trigger covering URLs or an Indicator genreated from an URL Observable, URL is clickable in the notification or the description Jun 13, 2024
@Jipegien Jipegien mentioned this issue Jun 13, 2024
Closed
@Jipegien Jipegien added the ui for scope limited to UI change label Jul 1, 2024
Kedae added a commit that referenced this issue Oct 3, 2024
@Kedae
[frontend] Remove links from Notifications (#6657)
8e9e9e6
@Kedae Kedae mentioned this issue Oct 3, 2024
Merged
Kedae added a commit that referenced this issue Oct 8, 2024
@Kedae @lndrtrbn
[frontend] Remove links from Notifications (#6657)
ae45222 
Co-authored-by: Landry Trebon <[email protected]>
@Kedae Kedae added the solved use to identify issue that has been solved (must be linked to the solving PR) label Oct 8, 2024
@Kedae Kedae modified the milestones: Bugs backlog, Release 6.3.6 Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Kedae Kedae

Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR) ui for scope limited to UI change
Projects
None yet
Milestone
Release 6.3.6
Development

Successfully merging a pull request may close this issue.

[frontend] Remove links from Notifications (#6657) OpenCTI-Platform/opencti
5 participants
@SamuelHassine @rguignard @Kedae @Jipegien @nino-filigran