Impact
At least one organization encountered issues when users clicked on any link under the Vulnerabilities column in the Groups table at organization level. The issue started on UTC-5 24-03-05 10:08 and was reactively discovered 6.2 days (TTD) later by a customer while attempting to click on a link in the Vulnerabilities column to access any of their organization's groups, resulting in the error message There is an error :(
. The problem was resolved in 2.4 hours (TTF) resulting in a total impact of 6.3 days (TTR) [1][2].
Cause
The URL of the Links was malformed, with the term vulns
repeated twice at the end [3].
Solution
The team removed the duplicated word from the URL [4].
Conclusion
Inadequate testing of the redirection functionality triggered by that button resulted in an invalid URL going unnoticed. To prevent similar incidents in the future, the team has implemented comprehensive tests in this specific area [5]. INCOMPLETE_PERSPECTIVE < MISSING_TEST