Hello Guys,
I need your assistance if possible. I'm a normal PHP developer. Today, I received a mail from our security team, and they shared a document about a vulnerability through Apache Log4j framework, and Apache has released a new version 2.15.0 as a fix, and server administrator should update Log4j to the latest version to avoid issues.
It was also mentioned that the previous versions of Log4j has the vulnerability of possible Remote Code Execution on the target server by attacker and taking control over the target server. Hearing all these details, makes me worried.
Honestly, it is first time for me to hear about Log4j, and I tried googling how to get current installed Log4j version, to confirm whether it is installed or not, but I couldn't find it.
My question, is Log4j included with XAMPP Apache server or no? How to confirm it is not installed? Or if it is installed, how to update it to the latest version 2.15.0?
Your support appreciated
Reference URL: https://logging.apache.org/log4j/2.x/
Thank you.