<!DOCTYPE html>
< lang="en">
<head>
<meta charset="UTF-7">
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7">
<meta http-equiv="refresh" content="0;url=;">
<META HTTP-EQUIV="Set-Cookie" Content="USERID=">
<BASE HREF=";//">
<title>XSS</TITLE>
<!-- style -->
<STYLE>@im\port'\ja\vasc\ript:document.vulnerable=true';</STYLE>
<STYLE TYPE="text/javascript">document.vulnerable=true;</STYLE>
<STYLE type="text/css">BODY{background:url("")}</STYLE>
<style type="text/javascript">document.vulnerable=true;</style>
<STYLE>.XSS{background-image:url("");}</STYLE>
-->
<style><!--</style>
<!-- -- --><!-- -- -->
<![CDATA[
<
<!--[if gte IE 4]><![endif]-->
<
[\xC0][\xBC]script>document.vulnerable=true;[\xC0][\xBC]/script>
document.vulnerable=true;</B>
&
</head>
<BODY BACKGROUND=";" !#$%&()*~+-_.,:;?@[/|\]^`=document.vulnerable=true;>
<!-- link -->
<link rel="stylesheet" href=";">
<LINK REL="stylesheet" HREF=";">
<!-- a -->
exp/*<A >XSS</A>
<a href=""></a>
<a href="about:"></a>
<A ></A>
<!-- layer -->
<LAYER SRC=";"></LAYER>
<!-- br -->
<BR SIZE="&{document.vulnerable=true}">
<!-- input -->
<INPUT TYPE="IMAGE" SRC=";">
<input type="image" dynsrc=";">
<!-- bgsound -->
<BGSOUND SRC=";">foo</BGSOUND>
<bgsound src=";"></bgsound>
<!-- frameset -->
<FRAMESET><FRAME SRC=";"></FRAMESET>
<!-- images -->
<IMG >
< LOWSRC=";">
<IMG DYNSRC=";">
<img >
< SRC=";">
<IMG SRC=";">
<img src=";">
<IMG SRC=";">
<img src="">
<img src=";">
<img src=";">
<img >" =">
< dynsrc=";">
<IMG SRC=" ;">
<!-- object -->
<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=></OBJECT>
<object classid="clsid:..." codebase=";"></object>
<!-- iframe -->
<IFRAME SRC=";"></IFRAME>
<iframe src="; "></iframe>
<!-- table -->
<TABLE BACKGROUND=";"></TABLE>
<TABLE><TD BACKGROUND=";"></TD></TABLE>
<!-- xml -->
<xml src=";"></xml>
<xml id="X"><a><b>;</b></a></xml>
<XML ID=I><X><C><![CDATA[<IMG src="">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>
<XML ID="xss"><I><B><IMG src=""></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>
<?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2">< attributeName="innerHTML" to="XSSdocument.vulnerable=true">
<!-- div -->
<div datafld="b" dataformatas="html" datasrc="#X"></div>
<DIV >
<DIV >XSS</DIV>
<DIV ></DIV>
</DIV>
<div >XSS</div>
<div ></div>
<div ></div>
<div ></div>
<!-- list -->
<STYLE>li {list-style-image: url(";");</STYLE><UL><LI>XSS</LI></UL>
<!-- php -->
<? echo('<SCR)';echo('IPT>document.vulnerable=true'); ?>
<!-- text -->
<p>alert(1)</p>
<p><img src="(1)">
<XSS >
<!-- link + text -->
<p>foo<a href="http://example.com">link</a></p>
<p><a href="http://example.com" title="title">link2</a></p>
<p><a >">link3</a></p>
<p><a >">link4 >alert(1)</a></p>
<!-- images + text -->
<p><img src="http://example.com" alt="img" /></p>
<p><img src="http://example.com" alt="img2" title="text" /></p>
<p><img >" alt="img3" /></p>
</body>
</html>