May I know if backdrop vulnerable to the Log4shell/Log4j (CVE-2021-44228) in any stage or version or third party plugin found vulnerable to this ? Is there any official statement from backdrop on this ? I need a firm answer on this. Thanks.
Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.
Note: I don't speak officially for Backdrop, but I'm pretty confident about this.
I’m working on a group within the project comunidadthreads.com I launched using BackdropCMS, where I’ll be posting short, easy-to-follow tutorials for anyone interested in learning how to build...
I could create tutorials, with images and screenshots, that explain step by step how to install and use BackdropCMS, designed especially for non-technical people.
The idea is to create clear...
We have had Spanish Language sessions at Backdrop LIVE in the past. If anyone would like to facilitate a session at Backdrop LIVE in Spanish OR about creating more Spanish resources, that would...
Hello, if at the general level give ease of access to information, for most freelancers who want to put together a portfolio, a blog for editors. Something that is easy to understand and use and...
Comments
Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.
Note: I don't speak officially for Backdrop, but I'm pretty confident about this.
I'm glad to hear this. Thanks for your affirmation.