<!DOCTYPE html> < lang="en"> <head> <meta charset="UTF-7"> <META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> <meta http-equiv="refresh" content="0;url=;"> <META HTTP-EQUIV="Set-Cookie" Content="USERID="> <BASE HREF=";//"> <title>XSS</TITLE> <!-- style --> <STYLE>@im\port'\ja\vasc\ript:document.vulnerable=true';</STYLE> <STYLE TYPE="text/javascript">document.vulnerable=true;</STYLE> <STYLE type="text/css">BODY{background:url("")}</STYLE> <style type="text/javascript">document.vulnerable=true;</style> <STYLE>.XSS{background-image:url("");}</STYLE> --> <style><!--</style> <!-- -- --><!-- -- --> <![CDATA[ < <!--[if gte IE 4]><![endif]--> < [\xC0][\xBC]script>document.vulnerable=true;[\xC0][\xBC]/script> document.vulnerable=true;</B> & </head> <BODY BACKGROUND=";" !#$%&()*~+-_.,:;?@[/|\]^`=document.vulnerable=true;> <!-- link --> <link rel="stylesheet" href=";"> <LINK REL="stylesheet" HREF=";"> <!-- a --> exp/*<A >XSS</A> <a href=""></a> <a href="about:"></a> <A ></A> <!-- layer --> <LAYER SRC=";"></LAYER> <!-- br --> <BR SIZE="&{document.vulnerable=true}"> <!-- input --> <INPUT TYPE="IMAGE" SRC=";"> <input type="image" dynsrc=";"> <!-- bgsound --> <BGSOUND SRC=";">foo</BGSOUND> <bgsound src=";"></bgsound> <!-- frameset --> <FRAMESET><FRAME SRC=";"></FRAMESET> <!-- images --> <IMG > < LOWSRC=";"> <IMG DYNSRC=";"> <img > < SRC=";"> <IMG SRC=";"> <img src=";"> <IMG SRC=";"> <img src=""> <img src=";"> <img src=";"> <img >" ="> < dynsrc=";"> <IMG SRC="  ;"> <!-- object --> <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=></OBJECT> <object classid="clsid:..." codebase=";"></object> <!-- iframe --> <IFRAME SRC=";"></IFRAME> <iframe src="; "></iframe> <!-- table --> <TABLE BACKGROUND=";"></TABLE> <TABLE><TD BACKGROUND=";"></TD></TABLE> <!-- xml --> <xml src=";"></xml> <xml id="X"><a><b>;</b></a></xml> <XML ID=I><X><C><![CDATA[<IMG src="">]]</C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN> <XML ID="xss"><I><B><IMG src=""></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN> <?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2">< attributeName="innerHTML" to="XSSdocument.vulnerable=true"> <!-- div --> <div datafld="b" dataformatas="html" datasrc="#X"></div> <DIV > <DIV >XSS</DIV> <DIV ></DIV> </DIV> <div >XSS</div> <div ></div> <div ></div> <div ></div> <!-- list --> <STYLE>li {list-style-image: url(";");</STYLE><UL><LI>XSS</LI></UL> <!-- php --> <? echo('<SCR)';echo('IPT>document.vulnerable=true'); ?> <!-- text --> <p>alert(1)</p> <p><img src="(1)"> <XSS > <!-- link + text --> <p>foo<a href="http://example.com">link</a></p> <p><a href="http://example.com" title="title">link2</a></p> <p><a >">link3</a></p> <p><a >">link4 >alert(1)</a></p> <!-- images + text --> <p><img src="http://example.com" alt="img" /></p> <p><img src="http://example.com" alt="img2" title="text" /></p> <p><img >" alt="img3" /></p> </body> </html>