[Snyk] Security upgrade org.apache.logging.log4j:log4j-core from 2.7 to 2.13.2

[jonathanchisnyk]

Snyk has created this PR to fix 6 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• todolist-goof/todolist-web-struts/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Remote Code Execution (RCE) SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720	949	org.apache.logging.log4j:log4j-core: 2.7 -> 2.13.2 Mature
	Remote Code Execution (RCE) SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2320014	919	org.apache.logging.log4j:log4j-core: 2.7 -> 2.13.2 Mature
	Deserialization of Untrusted Data SNYK-JAVA-ORGAPACHELOGGINGLOG4J-31409	782	org.apache.logging.log4j:log4j-core: 2.7 -> 2.13.2 Mature
	Arbitrary Code Execution SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2327339	430	org.apache.logging.log4j:log4j-core: 2.7 -> 2.13.2 Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2321524	344	org.apache.logging.log4j:log4j-core: 2.7 -> 2.13.2 Proof of Concept
	Man-in-the-Middle (MitM) SNYK-JAVA-ORGAPACHELOGGINGLOG4J-567761	53	org.apache.logging.log4j:log4j-core: 2.7 -> 2.13.2 No Known Exploit

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Remote Code Execution (RCE)
🦉 Denial of Service (DoS)
🦉 Deserialization of Untrusted Data