Hi,
Log4Shell is the Critical Vulnertability found in Apache Log4J logging package. This package is more popular and used by enormous applications at the backend. Hence this Remote Code Execution vulnerability became a nightmare.
I tried to explain it with help of John Hammond's TryHackMe room called "Solr".
In which he exploited to Apache Solr Software (which used vulnerable log4j package)
CISA's DB lists vulnerability status of popular applications and products : https://github.com/cisagov/log4j-affected-db
Trendmicro's Blog : https://www.trendmicro.com/en_us/research/21/l/patch-now-apache-log4j-vulnerability-called-log4shell-being-acti.html
TryHackMe - Solr (room) : https://tryhackme.com/room/solar
#Log4j #log4shell #solr
