FastJson 1.2.60远程代码执行漏洞(From第三方jar包)

<!–more–>

正文

[漏洞复现]FastJson 1.2.60远程代码执行漏洞(From第三方jar包)
https://qiita.com/shimizukawasaki/items/c61ad93d80e2998ec0d5

抽象语法树分析寻找FastJSON的Gadgets
https://www.freebuf.com/articles/web/213327.html

Jackson
https://github.com/FasterXML/jackson-databind/issues/2460

• #CloudScanner