Roller · Roller · CVE-2021-33580
**Name of the Vulnerable Software and Affected Versions**
Roller versions prior to 6.0.2
**Description**
The issue arises because the user-controlled inputs `request.getHeader("Referer")`, `request.getRequestURL()`, and `request.getQueryString()` are used to build and execute a regular expression. An attacker can send a specially crafted Referer header programmatically, without needing a browser, and potentially cause a ReDoS (Regular expression Denial of Service) through catastrophic backtracking of the regex on the server side.
**Recommendations**
For versions prior to 6.0.2, update to Roller 6.0.2 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable regex functionality until the update can be applied. Avoid using the `request.getHeader("Referer")`, `request.getRequestURL()`, and `request.getQueryString()` inputs in the affected regex expression until the issue is resolved.
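The defect class described above is untrusted request data being compiled as regex syntax. The following is an added illustration, not Roller's own code (the advisory does not show the affected method): a naive helper that compiles the raw value beside a hardened helper that treats it as a literal via `Pattern.quote` and bounds its length; the class name, method names, `MAX_LEN` and the sample URL and Referer values are assumptions constructed for the example.

```java
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;

public class RefererCheck {
    // Upper bound on any header-derived value we are willing to match against.
    // Constructed limit for the example; size it to the site's real URLs.
    static final int MAX_LEN = 2048;

    // Naive form: the untrusted value becomes the pattern itself, so any regex
    // metacharacters the client sends are interpreted as regex syntax.
    static boolean naiveMatch(String untrusted, String haystack) {
        return Pattern.compile(untrusted).matcher(haystack).find();
    }

    // Hardened form: reject oversized input and quote the value so it can only
    // ever match literally. A quoted literal has no branches or nested
    // quantifiers, so there is nothing for the engine to backtrack over.
    static boolean safeMatch(String untrusted, String haystack) {
        if (untrusted == null || untrusted.length() > MAX_LEN) {
            return false;
        }
        return Pattern.compile(Pattern.quote(untrusted)).matcher(haystack).find();
    }

    public static void main(String[] args) {
        // Constructed sample request URL and Referer header values.
        String requestUrl = "https://blog.example/roller/entry";
        String referer = "https://blog.example/(roller";  // contains an unbalanced metacharacter

        try {
            naiveMatch(referer, requestUrl);
        } catch (PatternSyntaxException e) {
            // The client-supplied text was parsed as regex syntax, which is the root problem.
            System.out.println("naive: client input treated as regex: " + e.getDescription());
        }

        // The hardened helper matches the same value as a plain string instead.
        System.out.println("hardened, literal match: " + safeMatch(referer, requestUrl));
        System.out.println("hardened, benign value: " + safeMatch("blog.example", requestUrl));
    }
}
```

Where the comparison is really "does this Referer belong to our site", parsing both values with `java.net.URI` and comparing host and path components avoids a regex altogether.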