From 81838290a12ba6da94caf1e3adb5a31545a51642 Mon Sep 17 00:00:00 2001
From: tzclucian <tzclucian@gmail.com>
Date: Mon, 12 Oct 2020 16:48:19 +0300
Subject: [PATCH] MNT-21879 : [Security] Multiple json-java vulnerabilities   
 - added upgrade & fix

---
 pom.xml                                                         | 2 +-
 .../org/alfresco/repo/preference/PreferenceServiceImpl.java     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index ef6d029fc5..6c33b8159e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -65,7 +65,7 @@
         <dependency.webscripts.version>7.16</dependency.webscripts.version>
         <dependency.bouncycastle.version>1.64</dependency.bouncycastle.version>
         <dependency.mockito-core.version>3.4.6</dependency.mockito-core.version>
-        <dependency.org-json.version>20090211</dependency.org-json.version>
+        <dependency.org-json.version>20200518</dependency.org-json.version>
         <dependency.commons-dbcp.version>1.4-DBCP330</dependency.commons-dbcp.version>
         <dependency.guava.version>28.2-jre</dependency.guava.version>
         <dependency.commons-io.version>2.6</dependency.commons-io.version>
diff --git a/repository/src/main/java/org/alfresco/repo/preference/PreferenceServiceImpl.java b/repository/src/main/java/org/alfresco/repo/preference/PreferenceServiceImpl.java
index f19514a580..2bea1a681e 100644
--- a/repository/src/main/java/org/alfresco/repo/preference/PreferenceServiceImpl.java
+++ b/repository/src/main/java/org/alfresco/repo/preference/PreferenceServiceImpl.java
@@ -196,7 +196,7 @@ public class PreferenceServiceImpl implements PreferenceService, Extensible
             {
                 if(jsonPrefs.has(preferenceName))
                 {
-                    preferenceValue = jsonPrefs.getString(preferenceName);
+                    preferenceValue = String.valueOf(jsonPrefs.get(preferenceName));
                 }
             }
         }