log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

This repository contains a Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell. It uses Log4j 2.14.1 (through spring-boot-starter-log4j2 2.6.1) and the JDK 1.8.0_181. [+] ...