Log4J Vulnerability explained

For the last couple of weeks, it is been over my head to write about the recent Log4j vulnerability exploit.

On December 9, 2021, an Remote Code Execution vulnerability was disclosed within the log4j package (CVE- 2021–44228) by Chen Zhaojun of the Alibaba Cloud Security Team which allows an attacker to execute arbitrary code on machines that utilize the log functions of the log4j package which gave the vulnerability its common name: Log4Shell.

How does the exploit happen??