Does Log4j Vulnerability Affect Backdrop ?

May I know if backdrop vulnerable to the Log4shell/Log4j (CVE-2021-44228) in any stage or version or third party plugin found vulnerable to this ? Is there any official statement from backdrop on this ? I need a firm answer on this. Thanks.

Comments

Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.

Note: I don't speak officially for Backdrop, but I'm pretty confident about this.

I'm glad to hear this. Thanks for your affirmation.

Backdrop LIVE

April 3-4, 2025

An interactive online event for anyone interested in Backdrop CMS. Everyone is welcome.

Does Log4j Vulnerability Affect Backdrop ?

Comments

Backdrop LIVE

April 3-4, 2025

Recent topics

Blocks (custom) not displaying in Harris sidebars with visibility condition set to more than one url path (node)

Is there a better way to setup Tab menus?

Add CSS classes in the TinyMCE editor?

Duplicated images in view

Apr 10 2025 Weekly Meetings

Recent comments

Blocks (custom) not displaying in Harris sidebars with visibility condition set to more than one url path (node)

Duplicated images in view

Duplicated images in view

Duplicated images in view

Duplicated images in view