Our security software has reported that the version of Thymeleaf that cuba-portal 7.2.20 depends on has a critical security vulnerability. We are attempting to upgrade Thymeleaf (from 3.0.15 to 3.1.2), however Cuba throws an exception regarding a casting issue with the logger. This seems to be caused by the SLF4J version. Thymeleaf 3.0.15 is using SLF4J 1.7.x, where 3.1.2 is using SLF4J 2.0.x
Does anyone have experience or insight into trying to upgrade Thymeleaf or SLF4J on this Cuba version?