No, they're not. Unless you've written code using the .NET SDK, all of the "standard" code for the web applications in 4.x is written in Java, which doesn't use .NET or Log4Net. The .NET SDK install includes a version of Log4Net that is vulnerable, but I don't think any of the SDK actually uses it as that version is specifically for .NET 1, which doesn't work with the current SDK.
-Dell
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.