### 简要描述:
RT
### 详细说明:
http://www22.53kf.com
[<img src="https://images.seebug.org/upload/201601/061400176e19230548611ab537dbe99bb7e8a337.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201601/061400176e19230548611ab537dbe99bb7e8a337.png)
在截图的时候截断
[<img src="https://images.seebug.org/upload/201601/06140241cf1566be4fecf29445b7f62ac2c70f86.png" alt="5.PNG" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201601/06140241cf1566be4fecf29445b7f62ac2c70f86.png)
修改图片地址为XSS地址
[<img src="https://images.seebug.org/upload/201601/0614025800fc3c23886aede68a8df82f2d87b89e.png" alt="3.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201601/0614025800fc3c23886aede68a8df82f2d87b89e.png)
即可打客服
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201601/06140309a2c9db10ff3a3b2c49b560c6237641b9.png" alt="2.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201601/06140309a2c9db10ff3a3b2c49b560c6237641b9.png)
[<img src="https://images.seebug.org/upload/201601/061403133d9b0be21f086f7431d877b2768f93a6.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201601/061403133d9b0be21f086f7431d877b2768f93a6.png)
京公网安备 11010502034610号
暂无评论