jooby-pac4j: deserialization of untrusted data

[cwm1123]

I would like to responsibly report a potential security concern that requires private disclosure. Please create a security advisory in this repository so I can submit the details through the appropriate confidential channel.

This report contains information about a vulnerability that should not be disclosed publicly until proper mitigation is available. Kindly acknowledge this request and create a security advisory for further communication.

[jknack]

just created a draft security advisory, please fill all the data there.

[cwm1123]

just created a draft security advisory, please fill all the data there.

thanks! but i haven't received the inviting links or emails, could you check for it and send invite links , or add @cwm1123 to security advisory .

[jknack]

described here: GHSA-7c5v-895v-w4q5