Merge pull request #346 from cloudsufi/cherrypick/beanutils

[🍒][PLUGIN-1937] CVE-2025-48734 Fix : Beanutils commons

PLUGIN-1937: This PR upgrades the version of commons-beanutils library from v1.9.4 to v1.11.0, thereby fixing the vulnerability that allowed unauthorized access to the declaredClass property of Java enum objects via PropertyUtilsBean.getProperty() or PropertyUtilsBean.getNestedProperty().

Author: Krish-cloudsufi

pom.xml

@@ -66,7 +66,7 @@
     <spark2.version>2.1.3</spark2.version>
     <hydrator.version>2.10.0</hydrator.version>
     <commons.version>3.18.0</commons.version>
-    <salesforce.api.version>64.0.0</salesforce.api.version>
+    <salesforce.api.version>65.0.0</salesforce.api.version>
     <cometd.java.client.version>4.0.0</cometd.java.client.version>
     <antlr.version>4.7.2</antlr.version>
     <mockito.version>2.23.0</mockito.version>
@@ -128,6 +128,10 @@
           <groupId>commons-logging</groupId>
           <artifactId>commons-logging</artifactId>
         </exclusion>
+          <exclusion>
+              <groupId>commons-beanutils</groupId>
+              <artifactId>commons-beanutils</artifactId>
+          </exclusion>
         <exclusion>
           <groupId>log4j</groupId>
           <artifactId>log4j</artifactId>