Open Source Document Management System | OpenKM

There are lots of vulnerabilities were reported tomcat v7.0.27.
As OpenKM comes bundled with tomcat v7.0.27 its also prone to these vulnerabilities.
I know there are few dependencies that need to be configured to install OpenKM on tomcat.
My question is can we install OpenKM on latest version of tomcat ie 8.x.x or latest version of 7 release cycle by configuring these dependencies.
Did anyone tried running OpenKM on higher version of tomcat than 7.0.27.

Should not be any problem on configure with upper tomcat version, we got for example installed on some tomcats what comes from linux repositories what are frequenly updated. Anyway, about the bugs on tomcat do you directly expose tomcat port 8080 ? because we recommend expose OpenKM behing an apache proxy in order to prevent the possible tomcat sploits. I do not know if there's some tomcat exploit that can be done behing apache proxy, but we would like to know if it's the case.