WeChat public number belongs to Tencent, which is an application account applied by developers or merchants on the WeChat public platform. The account is interoperable with QQ accounts, and the platform enables all-round communication and interaction with specific groups of people in text, pictures, voice and video, forming an online and offline WeChat interactive marketing method. There is an XSS vulnerability in the backend system of WeChat Public, which can be used by attackers to obtain sensitive information such as administrator cookies.