Filtering findings by "Test name" results in internal server error

[AndreyMZ]

Steps to reproduce

1. Log in to DefectDojo: https://demo.defectdojo.org/
2. Switch on Filter String Matching Optimization:
   1. Go to Configuration -> System Settings.
   2. Switch on Filter String Matching Optimization.
   3. Click Submit.
3. Go to Products -> All Products -> any product with findings -> Findings -> View All Findings.
4. Set the filter "Test Name" or "Test name Contains" to something, e.g., foo.
   E.g.: https://demo.defectdojo.org/product/1/finding/open?test__name=foo
5. Click Apply Filters.

Actual result

500 Internal Server Error

[03/Feb/2026 11:54:10] ERROR [dojo.middleware:101] Unhandled exception during social login: Unsupported lookup 'name' for ForeignKey or join on the field not permitted.
[03/Feb/2026 11:54:12] ERROR [django.request:253] Internal Server Error: /product/61/finding/all
Traceback (most recent call last):
  File "DefectDojo/.venv/Lib/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "DefectDojo/.venv/Lib/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "DefectDojo/.venv/Lib/site-packages/django/views/generic/base.py", line 105, in view
    return self.dispatch(request, *args, **kwargs)
           ~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "DefectDojo/.venv/Lib/site-packages/django/views/generic/base.py", line 144, in dispatch
    return handler(request, *args, **kwargs)
  File "DefectDojo/dojo/finding/views.py", line 370, in get
    paged_findings = get_page_items(request, filtered_findings.qs, 25)
                                             ^^^^^^^^^^^^^^^^^^^^
  File "DefectDojo/.venv/Lib/site-packages/django_filters/filterset.py", line 250, in qs
    qs = self.filter_queryset(qs)
  File "DefectDojo/.venv/Lib/site-packages/django_filters/filterset.py", line 233, in filter_queryset
    queryset = self.filters[name].filter(queryset, value)
  File "DefectDojo/.venv/Lib/site-packages/django_filters/filters.py", line 167, in filter
    qs = self.get_method(qs)(**{lookup: value})
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/query.py", line 1478, in filter
    return self._filter_or_exclude(False, args, kwargs)
           ~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
  File "DefectDojo/.venv/Lib/site-packages/tagulous/models/tagged.py", line 142, in _filter_or_exclude
    qs = super(TaggedQuerySet, self)._filter_or_exclude(
        negate, args, safe_fields
    )
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/query.py", line 1496, in _filter_or_exclude
    clone._filter_or_exclude_inplace(negate, args, kwargs)
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/query.py", line 1506, in _filter_or_exclude_inplace
    self._query.add_q(Q(*args, **kwargs))
    ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/sql/query.py", line 1609, in add_q
    clause, _ = self._add_q(q_object, self.used_aliases)
                ~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/sql/query.py", line 1641, in _add_q
    child_clause, needed_inner = self.build_filter(
                                 ~~~~~~~~~~~~~~~~~^
        child,
        ^^^^^^
    ...<7 lines>...
        update_join_types=update_join_types,
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/sql/query.py", line 1555, in build_filter
    condition = self.build_lookup(lookups, col, value)
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/sql/query.py", line 1372, in build_lookup
    lhs = self.try_transform(lhs, name)
  File "DefectDojo/.venv/Lib/site-packages/django/db/models/sql/query.py", line 1423, in try_transform
    raise FieldError(
    ...<2 lines>...
    )
django.core.exceptions.FieldError: Unsupported lookup 'name' for ForeignKey or join on the field not permitted.
[03/Feb/2026 11:54:12] "GET /product/61/finding/all?test__name=foo HTTP/1.1" 500 250890

Expected behavior

No errors.

Root cause

https://github.com/search?type=code&q=repo%3ADefectDojo%2Fdjango-DefectDojo%20test__name

dojo.models.Test does not have the name field.

Posisble solution

Use test__title instead of test__name.

Additional information

Deployment method (select with an X)

• Docker Compose
• Kubernetes
• GoDojo

Environment information

• Operating System: any
• Docker Compose or Helm version: any
• DefectDojo version: 2.54.2

[manuel-sommer]

Could you submit a PR for this @AndreyMZ ?

[valentijnscholten]

Could you submit a PR for this @AndreyMZ ?

Or provide the traceback from the logs

[AndreyMZ]

Or provide the traceback from the logs

I have updated the issue description with the traceback, root cause, and possible solution.