It claims that those vulnerabilities have nothing to do with XWiki and that it "can't be fixed by upgrading XWiki" which is not true since most of the reported vulnerabilities are from JARs located in the XWiki WAR. It actually can only be done by upgrading XWiki itself and not the extension , contrary to the other tab (which list installed extensions) .
!Firefox_Screenshot_2023-09-28T07-30-40.537Z.png!
Notice ivy and commons-compress versions which are actually XWiki 15.7 versions (in XWiki 15.8 we have respectively ivy 2.5.2 and commons-compress 1.24.0). |
|
