home/categories/framework-internals/yaklang-hack-skills-skills-expression-language-injection-skill-md
framework-internalsdevelopment
expression-language-injection
Expression Language injection playbook. Use when Java EL, SpEL, OGNL, or MVEL expressions may evaluate attacker-controlled input in Spring, Struts2, Confluence, or similar frameworks.
maintainer
yaklang
更新于 4/8/2026
星标
83
分支
10
quick start
Installation and usage
Expression Language injection playbook. Use when Java EL, SpEL, OGNL, or MVEL expressions may evaluate attacker-controlled input in Spring, Struts2, Confluence, or similar frameworks.
安装
$ install --globalskills.sh
使用
安装后,您可以通过在终端运行以下命令来使用此技能:
skills use expression-language-injection