
pycti (OpenCTI) security advisory: regex bypass in secureIntrospectionPlugin

A security advisory was published for pycti (OpenCTI) regarding a bypass in the regex validation used to prevent Introspection queries.

23 Jun 2026 · Read 1 min · Severity: schedule it

What changed

The regex validation that secureIntrospectionPlugin uses to prevent Introspection queries can be bypassed by removing extra whitespace, carriage return, and line feed characters from the query.

Who it affects

Users of OpenCTI who rely on the secureIntrospectionPlugin to restrict GraphQL introspection queries.

What to do today

Review and update the regex validation in secureIntrospectionPlugin to account for stripped whitespace and control characters, or implement additional safeguards to prevent unauthorized introspection.
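
One way to make the check independent of whitespace, as an added example that is not OpenCTI's or pycti's code. `BRITTLE` is a constructed stand-in for a whitespace-dependent regex (the project's actual pattern is not shown on this page), and `containsIntrospection` is a hypothetical helper that compares GraphQL name tokens instead of raw text.

```javascript
// Added example; every name here is hypothetical, not taken from OpenCTI.
// Constructed pattern that only matches when whitespace surrounds the field.
const BRITTLE = /\s__(schema|type)\s/;

// Introspection entry points; __typename is deliberately not listed.
const INTROSPECTION_FIELDS = new Set(['__schema', '__type']);

// Scan the query token by token so layout (spaces, CR, LF) cannot change
// the verdict. Comments and string literals are skipped, names are compared.
function containsIntrospection(query) {
  let i = 0;
  while (i < query.length) {
    const ch = query[i];
    if (ch === '#') {                          // comment runs to end of line
      while (i < query.length && query[i] !== '\n' && query[i] !== '\r') i++;
    } else if (query.startsWith('"""', i)) {   // block string, \""" is an escape
      i += 3;
      while (i < query.length && !query.startsWith('"""', i)) {
        i += query.startsWith('\\"""', i) ? 4 : 1;
      }
      i += 3;
    } else if (ch === '"') {                   // quoted string with \ escapes
      i++;
      while (i < query.length && !'"\n\r'.includes(query[i])) {
        i += query[i] === '\\' ? 2 : 1;
      }
      i++;
    } else if (/[_A-Za-z]/.test(ch)) {         // Name token
      let j = i + 1;
      while (j < query.length && /[_0-9A-Za-z]/.test(query[j])) j++;
      if (INTROSPECTION_FIELDS.has(query.slice(i, j))) return true;
      i = j;
    } else {
      i++;                                     // punctuation, whitespace, digits
    }
  }
  return false;
}

// Constructed samples: the same request with and without layout whitespace.
const SPACED = 'query {\n  __schema {\n    types { name }\n  }\n}';
const COMPACT = '{__schema{types{name}}}';
for (const q of [SPACED, COMPACT]) {
  console.log(JSON.stringify(q), 'brittle:', BRITTLE.test(q),
              'token check:', containsIntrospection(q));
}
```

In a real plugin the server's own GraphQL parser would supply the tokens; the hand-written scanner here only keeps the example free of dependencies.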
