In Part I, we dug into the internals of the ASP.NET `TemplateParser` and elaborated its capabilities in respect to exploitation. In this part, we will look into whether and how this can also be exploited to gain Remote Code Execution. While this research was originally focussed on the `TemplateParser`, the newly discovered technique was also applicable to SharePoint on-premises and SharePoint Online. So we'll elaborate on how SharePoint protects against the use of malicious code and will pres...
