Severity: important Vendor: The Apache Software Foundation
Versions Affected: Roller 4.0.0 to Roller 4.0.1 Roller 5.0 and Roller 5.0.1 The unsupported Roller 3.1 release is also affected Description: Some parts of Roller's editor and administration console were vulnerable to pre-authenticated remote code execution issues. Mitigation Roller 4.0 and 4.0.1 users should upgrade to Roller 5.0.2 Roller 5.0 and 5.0.1 users should upgrade to Roller 5.0.2 Roller 3.1 users should upgrade to Roller 5.0.2 Credit: Coverity SRL (Security Research Laboratory)
