Cross-site Scripting (XSS) - Generic (CWE-79)

Cross-Site Scripting (XSS) Cheat Sheet

March 7, 2026

58 views

Cheatsheet Summary

This cheat sheet covers: - Reflected XSS: Payloads reflected in the immediate response. - Stored XSS: Payloads persisted in the database. - DOM-based XSS: Payloads executed via client-side JavaScript. - Framework-specific XSS: Exploiting template engines like AngularJS. - Bypass Techniques: WAF evasion and encoding.

📝 Short Summary

This cheat sheet covers:

Reflected XSS: Payloads reflected in the immediate response.
Stored XSS: Payloads persisted in the database.
DOM-based XSS: Payloads executed via client-side JavaScript.
Framework-specific XSS: Exploiting template engines like AngularJS.
Bypass Techniques: WAF evasion and encoding.

Identification Required

You must be logged in to read this cheatsheet. Join our community of researchers today.

Sign In Register

Related Cheatsheets

heroxo9868

XSS (Cross-Site Scripting) Cheatsheet

Master Cross-Site Scripting (XSS), including injection techniques, common attack vectors, WAF evasion methods, and advanced Content Security Policy (CSP) bypass techniques.

LogicalBreach Academy

Cross-Site Scripting (XSS) Cheat Sheet

📝 Short Summary

Identification Required

Related Cheatsheets

XSS (Cross-Site Scripting) Cheatsheet

Discussion