View Single Post
Old 12-28-2021, 10:42 AM
LTucker LTucker is offline

Join Date: Mar 2020
Posts: 14

Default Re: Apache Log4j Vulnerability

Okay thank you, that's unfortunate to hear. I appreciate the added resources. I used the CISA scanner from the original post to scan the web server and X-Cart app.

Yes, X-Cart is a PHP based platform which wouldn't directly be affected by this vulnerability. Though many backend services use Java which makes this vulnerability so dangerous. For example cPanel was affected.

I'm mostly wondering how X-Payments was impacted, and if they have reached out to the API services that are used in the XC/ Qualiteam modules. As there are a lot of RESTful services that were built with Java.
Larry Tucker
Programmer Analyst, WPG Americas Inc.

X-Cart v5.4.0.1 [Linux]
Reply With Quote