From 350d755378d62753c9d30ae777d27290077fbf0e Mon Sep 17 00:00:00 2001
From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Date: Fri, 26 Sep 2025 14:18:04 -0600
Subject: [PATCH 1/4] Similar Findings: Restrict to Product Scope
---
 dojo/finding/views.py | 14 +++++++++++---
 dojo/templates/dojo/finding_related_list.html | 1 -
 dojo/templates/dojo/finding_related_row.html | 1 -
 dojo/templates/dojo/view_finding.html | 3 +--
 4 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/dojo/finding/views.py b/dojo/finding/views.py
index 271717cb6c3..e0a54e97bfc 100644
--- a/dojo/finding/views.py
+++ b/dojo/finding/views.py
@@ -539,7 +539,9 @@ def get_similar_findings(self, request: HttpRequest, finding: Finding):
 finding_filter_class = SimilarFindingFilterWithoutObjectLookups if filter_string_matching else SimilarFindingFilter
 similar_findings_filter = finding_filter_class(
 request.GET,
- queryset=get_authorized_findings(Permissions.Finding_View),
+ queryset=get_authorized_findings(Permissions.Finding_View)
+ .filter(test__engagement__product=finding.test.engagement.product)
+ .exclude(id=finding.id),
 user=request.user,
 finding=finding,
 )
@@ -3027,7 +3029,10 @@ def get_missing_mandatory_notetypes(finding):
 def mark_finding_duplicate(request, original_id, duplicate_id):
 original = get_object_or_404(Finding, id=original_id)
- duplicate = get_object_or_404(Finding, id=duplicate_id)
+ duplicate = get_object_or_404(
+ Finding.objects.filter(test__engagement__product=original.test.engagement.product),
+ id=duplicate_id,
+ )
 if original.test.engagement != duplicate.test.engagement:
 if (original.test.engagement.deduplication_on_engagement
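Review bot: The product filter in get_similar_findings is chained onto `get_authorized_findings(Permissions.Finding_View)` with no comment saying that it narrows the scope on top of the permission check rather than replacing it, so a later edit could drop one half without noticing. A line above the `queryset=` argument would record the intent: `# Scope to the finding's own product, on top of the caller's Finding_View authorisation; the finding itself is excluded.` The function starts and ends outside this hunk, so what the filter class does with the queryset afterwards is not visible here.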
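Review bot: The new `duplicate` lookup in mark_finding_duplicate scopes by product but starts from `Finding.objects`, so it is only as strong as the permission check on `original_id`, which is not visible in this hunk (any decorators and the rest of the body lie outside it). Starting from the authorised queryset, as get_similar_findings does, would make the lookup enforce access on its own: `get_authorized_findings(Permissions.Finding_Edit).filter(test__engagement__product=original.test.engagement.product)`, with whichever permission this view actually requires. The same applies to the `new_original` lookup in set_finding_as_original_internal, where the `user` argument is presumably the identity to authorise against. Neither lookup excludes the finding's own id the way the similar-findings queryset does, so it is worth confirming that a self-reference is rejected further down.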
@@ -3112,7 +3117,10 @@ def reset_finding_duplicate_status(request, duplicate_id): def set_finding_as_original_internal(user, finding_id, new_original_id): finding = get_object_or_404(Finding, id=finding_id) - new_original = get_object_or_404(Finding, id=new_original_id) + new_original = get_object_or_404( + Finding.objects.filter(test__engagement__product=finding.test.engagement.product), + id=new_original_id, + ) if finding.test.engagement != new_original.test.engagement: if (finding.test.engagement.deduplication_on_engagement diff --git a/dojo/templates/dojo/finding_related_list.html b/dojo/templates/dojo/finding_related_list.html index 5354346a5fb..69579630703 100644 --- a/dojo/templates/dojo/finding_related_list.html +++ b/dojo/templates/dojo/finding_related_list.html @@ -12,7 +12,6 @@ Status Test Engagement - Product CWE Vulnerability Id EPSS Score diff --git a/dojo/templates/dojo/finding_related_row.html b/dojo/templates/dojo/finding_related_row.html index 204e2875375..ba5336570ab 100644 --- a/dojo/templates/dojo/finding_related_row.html +++ b/dojo/templates/dojo/finding_related_row.html @@ -40,7 +40,6 @@ {% endif %} - {{ similar_finding.test.engagement.product.name }} {% if similar_finding.cwe > 0 %} diff --git a/dojo/templates/dojo/view_finding.html b/dojo/templates/dojo/view_finding.html index fd4ffe9c8e1..d36681b6c2f 100755 --- a/dojo/templates/dojo/view_finding.html +++ b/dojo/templates/dojo/view_finding.html @@ -728,8 +728,7 @@

Similar Findings ({{ similar_findings.paginator.count }} From a543620140b1bc842f20bebf59a33ae47275950e Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Fri, 26 Sep 2025 14:57:36 -0600 Subject: [PATCH 2/4] fix data tables oops --- dojo/templates/dojo/view_finding.html | 1 - 1 file changed, 1 deletion(-) diff --git a/dojo/templates/dojo/view_finding.html b/dojo/templates/dojo/view_finding.html index d36681b6c2f..c822a32c2eb 100755 --- a/dojo/templates/dojo/view_finding.html +++ b/dojo/templates/dojo/view_finding.html @@ -1517,7 +1517,6 @@

Credential { "data": "status" }, { "data": "test" }, { "data": "engagement" }, - { "data": "product" }, { "data": "cwe" }, { "data": "cve" }, { "data": "epss_score", "type": "num", "render": percentSort }, From e694cbef861517ad518a4d8483cf21266c9cdd20 Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Mon, 29 Sep 2025 11:48:14 -0600 Subject: [PATCH 3/4] Update dojo/templates/dojo/view_finding.html Co-authored-by: valentijnscholten --- dojo/templates/dojo/view_finding.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dojo/templates/dojo/view_finding.html b/dojo/templates/dojo/view_finding.html index c822a32c2eb..a757bcf5bd7 100755 --- a/dojo/templates/dojo/view_finding.html +++ b/dojo/templates/dojo/view_finding.html @@ -726,7 +726,7 @@

Duplicate Cluster ({{ finding|finding_duplicate_cluster_size }})

Similar Findings ({{ similar_findings.paginator.count }}) Date: Thu, 2 Oct 2025 16:08:23 -0600 Subject: [PATCH 4/4] Update dojo/templates/dojo/view_finding.html --- dojo/templates/dojo/view_finding.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dojo/templates/dojo/view_finding.html b/dojo/templates/dojo/view_finding.html index a757bcf5bd7..9001cbcd9cb 100755 --- a/dojo/templates/dojo/view_finding.html +++ b/dojo/templates/dojo/view_finding.html @@ -726,7 +726,7 @@

Duplicate Cluster ({{ finding|finding_duplicate_cluster_size }})

Similar Findings ({{ similar_findings.paginator.count }})