View Single Post
Old 12-27-2021, 11:01 AM
LTucker LTucker is offline

Join Date: Mar 2020
Posts: 14

Default Apache Log4j Vulnerability

I'm attempting to find out if X-Cart has been affected by the Log4j vulnerability in any way. I have reached out to the X-Cart support team about this issue and did not receive a response.

I have run the scanner manually on the core X-Cart application. As expected the core X-Cart application was not affected by this vulnerability. I can not run the scanner on the APIs that X-Cart or X-Payments use, and do not maintain control over these items.

Did anyone reach out and receive a statement from the X-Cart team about the Log4j vulnerability and how X-Cart was impacted?

CISA Apache Log4j Vulnerability Guidance
Larry Tucker
Programmer Analyst, WPG Americas Inc.

X-Cart v5.4.0.1 [Linux]
Reply With Quote