Re: Apache Log4j Vulnerability
Okay thank you, that's unfortunate to hear. I appreciate the added resources. I used the CISA scanner from the original post to scan the web server and X-Cart app.
Yes, X-Cart is a PHP based platform which wouldn't directly be affected by this vulnerability. Though many backend services use Java which makes this vulnerability so dangerous. For example cPanel was affected.
I'm mostly wondering how X-Payments was impacted, and if they have reached out to the API services that are used in the XC/ Qualiteam modules. As there are a lot of RESTful services that were built with Java.
__________________
Larry Tucker
Programmer Analyst, WPG Americas Inc.
X-Cart v5.4.0.1 [Linux]
|