zaproxy contains log4j exploit code

[BustedSec]

The version of ZAP installed is behind the master branch that addressed this

References:
https://www.blumira.com/analysis-log4shell-local-trigger/
https://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/

zaproxy/zaproxy#6979.
zaproxy/zaproxy#6980

Unsure what magic was done,

but the magic needs updating to the most recent URL to pull a newer version via wget.

[0xv1n]

Old issue, but no longer needs to be addressed as the latest Zaproxy release uses log4j 2.20.0 per bom.json .

ref: https://github.com/zaproxy/zaproxy/releases/tag/v2.15.0