Discovered 9 months ago
Source: static code analysis
Category: Denial of Service
Confidence level: Medium


Model attribute used in regex



          \d+(?!\S\w)\b # Integer-based milestone iid, or
        ) |
          [^"\s]+\b |  # String-based single-word milestone title, or
          "[^"]+"      # String-based multi-word milestone surrounded in quotes

Category description: Denial of Service is any attack which causes a service to become unavailable for legitimate clients.

Solution: fix the issue in app/models/milestone.rb or mark it as false positive.