如何在服务器端模板中注入此代码

Question

对如何SSTI此代码感到好奇。我已经尝试了所有程序，但遇到了麻烦。

我设法用$ {7 * 7}等进行基本算术。奇怪地想知道是否有人有任何解决方案可以成功地将有效载荷注入此代码。谢谢！

<!DOCTYPE html>
<html>
<head>
<title>Home</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<script type="text/javascript" src="webjars/jquery/2.1.1/jquery.min.js
</script>
<script type="text/javascript">
function checkSubmit(e) {
    if (e && e.keyCode == 13) {
        checkNickname();
    }
}

function checkNickname() {
    var serviceUrl = "check";
    var nick = $("#nickname").val();
    var postData = "nickname=" + encodeURIComponent(nick);
    $.ajax({
        url : serviceUrl,
        type : "POST",
        data : postData,
        contentType : "application/x-www-form-urlencoded",
        dataType : "text",
        success : function(data) {
            $("#result").text(data);
        },
        error : function(data) {
            $("#result").text("An error occurs!");
        }
    });
}
</script>
</head>
<body><link rel='stylesheet' property='stylesheet' id='s' type='text/css'
href='/template/s.css' media='all' /><iframe id='iframe'
src='https://www.root-me.org/?page=externe_header'></iframe>
<div onkeypress="checkSubmit(event)">
    <label>Do I know you? Please send me your nickname:&nbsp
</label>&nbsp;
<input type="text" id="nickname" name="nickname" autofocus="autofocus"
        size="20" />&nbsp;
    <button type="button" onclick="checkNickname();">Check</button>
</div>
<div id="result"></div>
</body>
</html>