Updated Spring Security to a version higher than 6.3.1 or 6.2.5 (see dependency updates for the concrete version). In that course the beans 'unauthenticatedRequestMatcher' and 'csrfIgnoringRequestMatcher' of type org.springframework.security.web.util.matcher.RequestMatcher have been replaced by beans of type List<RequestMatcher> named 'unauthenticatedRequestMatchers' and 'csrfIgnoringRequestMatchers' respectively. This change is only breaking for projects which have customized one of these two matcher beans. These projects must now customize the new list beans instead.

(CMS-25278)