15.2.0

What's Changed

• CVE-2019-11358 CVE-2020-11023 Update jQuery to 3.7.1 by @maximthomas in #878
• CVE-2025-48976 Apache Commons FileUpload: FileUpload DoS via part headers by @dependabot[bot] in #883
• CVE-2025-48924 Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs by @vharseko in #887
• CVE-2025-48734 Apache Commons Improper Access Control vulnerability by @dependabot[bot] in #870
• CVE-2018-8039 Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.* by @dependabot[bot] in #871
• [#877] Return Bad Request error if CORS failed by @maximthomas in #882
• [#872] Add root group permission to the Docker $CATALINA_HOME directory by @maximthomas in #879
• FIX: Failed to execute goal org.apache.maven.plugins:maven-shade-plugin:3.2.1:shade Unsupported class file major version 61 by @vharseko in #885
• Bump org.openidentityplatform.opendj 4.10.0 by @vharseko in #888
• Docker integration test with OpenDJ separate instance by @maximthomas in #866
• Increase timeout for Chrome startup to 60s by @FireBurn in #869
• Deploy: migrating from Legacy OSSRH to Central Portal by @vharseko in #875
• Migrate tests from using fest-assert to AssertJ by @aldaris in #876

Full Changelog: 15.1.6...15.2.0