XSS Context Examples
Reflected XSS
Text
Two injections
div
div+attribute
jQuery
Delete `<script>`
`&` to `&`
Secret text
<script src>
`&` to `&amp;`
Attribute
String Literal
Link
Path
Form
Form 2
Form 3
XML
DOM based XSS
document.write()
innerHTML
Redirect
eval
Useful Resources for Attacks
Angular
jQuery
babel-standalone
underscore.js
Vue.js
usercontent/xss.js
usercontent/icon.jpg
usercontent/xss.txt
wp-includes/js/mediaelement/flashmediaelement.swf
