-2
我有一个安全扫描,在将http参数设置为以下值时报告XSS漏洞。它呈现脚本标记XSS漏洞脚本标记编码
'1234'"/><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;% 26%23x74;%26%23x3a;alert%26%23x28;5846%26%23x29;>'
它看起来不像html编码或url编码,它对于脚本标记是什么类型的编码?