Unsanitized input flows into Strategy match operation (EXIST), where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS).
Patched in 3.1.4
Avoid using Strategy settings that use REGEX in conjunction with EXIST and NOT_EXIST operations.