[
https://issues.apache.org/jira/browse/SLING-10953?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17470583#comment-17470583
]
Robert Munteanu commented on SLING-10953:
-----------------------------------------
In the meantime, I proposed an alternate fix for AntiSamy 1.6.5 which could
mean that we don't have to touch the XML parsing code at all, see
https://github.com/nahsra/antisamy/issues/103#issuecomment-1007377482
> Update dependency Antisamy version from 1.5.10 to 1.6.4
> -------------------------------------------------------
>
> Key: SLING-10953
> URL: https://issues.apache.org/jira/browse/SLING-10953
> Project: Sling
> Issue Type: Improvement
> Reporter: Tatyana Vogel
> Priority: Major
> Fix For: XSS Protection API 2.2.18
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The latest version of AntiSamy is 1.6.4, see
> https://search.maven.org/search?q=g:org.owasp.antisamy%20AND%20a:antisamy .
> We should upgrade to that version, since we embed the AntiSamy bundle and
> there is no other way for consumers of the bundle to upgrade.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
