diff --git a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
index b1ac961..8b0432d 100644
--- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
+++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
@@ -518,10 +518,9 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
 
         // 记录警告日志（特殊字符攻击在修改密码时不记录）
         if (!(isPasswordUpdateRequest() && attackType.startsWith("SPECIAL_CHAR_PATTERN_"))) {
-            log.warn("检测到安全威胁 - 参数: {}, 攻击类型: {}, 原始值: {}, 客户端IP: {}",
+            log.warn("检测到安全威胁 - 参数: {}, 攻击类型: {}, 原始值: {}",
                     paramName, attackType,
-                    originalValue.length() > 100 ? originalValue.substring(0, 100) + "..." : originalValue,
-                    illegalParam.getClientIp());
+                    originalValue.length() > 100 ? originalValue.substring(0, 100) + "..." : originalValue);
         }
     }