Update PDF.js dependency to 4.2.67 or higher
Related to Stored XSS via PDFjs (#462748 - closed)
We prevented PDF.js from evaluating scripts when rendering PDF files in the UI to close a security vulnerability described here
The fix has performance implications around rendering fonts so we should not remove the patch. To safely remove the patch we need to upgrade PDF.js to 4.2.67 or higher.