We have security vulnerabilities reported in the Help content generated using RoboHelp 2019 Classic.

Question

While Uploading the output generated by the Robohelp 2019 Classic version to the SonarQube Application. We are getting the below Hotspot Errors and Vulnerable to Polynomial runtime error.

102 Security Hotspots to review.

Error Type:
1. Denila of Service (Dos)

2. Code Injection (RCE)

Note: Make sure the regex used here, which is vulnerable to polynomial runtime due to backtracking, cannot lead to denial of service.
Using slow regular expressions is security-sensitive Java.
Status: To review
This security hotspot needs to be reviewed to assess whether the code poses a risk.

Please help me on how to rectify the issue.

FYI attached screen shot below:

Peter Grainge · Answer

Normallly for any security issue, anyone here would refer you to Adobe Support but your version is no longer supported. Support is limited to the current and previous version. I don't know if they make exceptions for security matters.

However, before you go there, that does not look like RoboHelp code. As such it would not be eligible for support anyway.

________________________________________________________

My site www.grainge.org includes many free Authoring and RoboHelp resources that may be of help.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded