I'm gonna hope this is it.
<img src="javascript:alert("This?")">
Guess not, maybe...
<img src=javascript:alert("This?")>
Hmm... no....
<img src="javascript:alert('This?')">
Gah, last try, pleaseohplease work...
<img src=alert("Hello")>
-----------------------------------------------
Nvm, theses guys are smart, they change the output to the webpage so it looks like this
I guess the filter replaces my <,>," with the HTML character entity value. I've seen some forums that don't do this, therefore are vulnerable to injection. They would see the alert come up.<!-- message -->
<div id="post_message_*4725">I'm gonna hope this is it.<br />
<br />
<img src="javascript<b></b>:alert("This?""><br />
<br />
Guess not, maybe...<br />
<br />
<img src=javascript<b></b>:alert("This?"
<br />
Hmm... no....<br />
<br />
<img src="javascript<b></b>:alert('This?')"><br />
<br />
Gah, last try, pleaseohplease work...<br />
<br />
<img src=alert("Hello"
<!-- / message -->
Reply With Quote