GHSA-2gh6-wc3m-g37f: hermes-management is vulnerable to RCE due to Apache commons-jxpath

Severity: Critical

CVSS Score: 9.8

### Impact hermes-management is vulnerable to RCE when it processes user-controlled data due to using Apache commons-jxpath. ### Patches Upgrade Hermes to at least hermes-2.2.9 ### References https://hackinglab.cz/en/blog/remote-code-execution-in-jxpath-library-cve-2022-41852/