XenFacil.com
Administrador
- Mensajes
- 440
- Puntuación de reacciones
- 57
- Puntos
- 28
It has come to our attention today that a vulnerability has been discovered in popular Java logging library Log4j 2 which may allow attackers to arbitrarily execute code (remote code execution).
Apache Log4j 2 is bundled with and used in many Java applications including Elasticsearch.
XenForo itself is not directly exploitable, and we are currently investigating whether XenForo Enhanced Search can be used as a vector at all, but this is potentially significant enough that an abundance of...
Read more
Continúar leyendo...
Apache Log4j 2 is bundled with and used in many Java applications including Elasticsearch.
XenForo itself is not directly exploitable, and we are currently investigating whether XenForo Enhanced Search can be used as a vector at all, but this is potentially significant enough that an abundance of...
Read more
Continúar leyendo...