README.md

metadata

license: mit

XSS Round 2

Test A: SVG animate

Test B: SVG set

Test C: SVG foreignObject

Test D: SVG use external

Test E: Style tag

Test F: Base tag

Test G: Object with SVG

Test H: Anchor target

Click me

Test I: noscript

Test J: CSS import

Test K: MathJax/KaTeX

$$\text{href}\backslash href\{javascript:alert(1)\}\{click\}$$

Test L: Tab/newline bypass

test

Test M: HTML comment bypass

<img src=x onerror="alert(1)"--!>

Test N: Mutation XSS

Test O: DOMPurify bypass attempts