Hi Mayank, Could you confirm that you have also looked in to AEM Forms on JEE ? Is it advisable to mitigate the impact with the use JVM parameters ?i.e, "‐Dlog4j2.formatMsgNoLookups=true"

Regarding the new Apache Log4j vulnerability as per (CVE-2021-44228)The AEM Forms on JEE 6.5.8 uses the log4j 2.10, 2.11.1 versions. These versions are affected by this vulnerability. Could anyone else using it please confirm the same. There may be a temporary workaround to add "‐Dlog4j2.formatMsgNo...