SOLVED: PSB infection alert email can include malicious URL

Products affected: PSB portal

Problem: The PSB Portal infection alert email sent to administrators can possibly contain malicious content if the email client used by the recipient automatically converts plain text URL into a clickable hyperlink.

Visible effects: The malicious plain text (non-clickable) URL contained in the infection alert email is clickable due to this auto conversion.

Workaround: If possible, temporarily configure your email client to stop text from turning into a hyperlink.

ETA: A fix to obfuscate the malicious link sent to administrators is currently in progress with high priority. The fix will be included in the next PSB Portal release.

Internal reference: CSBP-9063



This discussion has been closed.