1 writeup
A Spring Boot search page reflects user input into a Server-Side Template Injection sink, giving RCE as woodenk; a root-owned log-parser cron is then …