Explicitly declaring xstream to override a transitively imported version affected by CVE #2938

Job	Run time
ubuntu-latest / Java-17 / Maven-3.9.6	10m 48s
	10m 48s

Provide feedback