Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

xss_xss:onmousemove（Rule ID：1030000021）

Release Date：2025/9/15

Rule Name：Detect XSS Injection with HTML Event 'onmousemove'

Severity：high

CVE ID：

Descripiton：

Cross-site scripting(XSS) is a type of computer security vulnerability tipically found in Web application. XSS enables attackers to inject client-side scripts into Web pages viewed by other users. HTML events define the browser actions and the user actions. The 'onmousemove' event is triggered when the mouse is moved. Attackers can inject malicious code via 'onmousemove' event to harm users. This rule detects 'onmousemove' event in HTTP request. This rule supports to defend the A3: Injection of OWASP Top 10 - 2021.
Other reference：None

Solution：

Update vendor patches.