info/big-list-of-naughty-strings
1
0
Fork 0
mirror of https://github.com/minimaxir/big-list-of-naughty-strings.git synced 2025-09-25 05:12:14 +02:00
Code Issues Releases Wiki Activity

Merge pull request #57 from dehrgg/patch-1

Browse Source 
Add HTML encoded XSS attack vector
This commit is contained in:
Max Woolf
2015-08-19 08:31:33 -07:00
parent 5a8b39159d ff7c2b9788
commit 88347da0be
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
blns.txt
View File

@@ -242,6 +242,7 @@ Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮
# Strings which attempt to invoke a benign script injection; shows vulnerability to XSS
<script>alert(123)</script>
&lt;script&gt;alert(&#39;123&#39;);&lt;/script&gt;
<img src=x onerror=alert(123) />
<svg><script>123<1>alert(123)</script>
"><script>alert(123)</script>