Tatyana Vogel created SLING-12116:
-------------------------------------
Summary: org.apache.sling.xss-2.3.6.jar embeds vulnerable
google-guava
Key: SLING-12116
URL: https://issues.apache.org/jira/browse/SLING-12116
Project: Sling
Issue Type: Bug
Components: XSS Protection API
Reporter: Tatyana Vogel
The sling XSS library has a transitive dependency which embeds vulnerable
google-guava.
Upgrade to a vulnerability-free version of the embedded library is needed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
