HTML Purifier Variable Width Attack Smoketest

For more information, see Cheng Peng Su's original advisory. This particular exploit code appears only to work in Internet Explorer, if it works at all.

Test

Warning: Directory /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer not writable, please chmod to 777 in /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php on line 272

Warning: Directory /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer not writable, please chmod to 777 in /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php on line 272

Warning: Directory /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer not writable, please chmod to 777 in /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php on line 272

Warning: Directory /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer not writable, please chmod to 777 in /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php on line 272

Warning: Directory /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer not writable, please chmod to 777 in /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php on line 272

Warning: Directory /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer not writable, please chmod to 777 in /home/classclassifieds/public_html/stagingclassclassifieds/project/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php on line 272

ASCII	Raw	Output	Render
0	<img src="" alt="X">A"onerror=alert('0')>O	<img src="" alt="X" />A"onerror=alert('0')>O	A"onerror=alert('0')>O
1	<img src="" alt="X">A"onerror=alert('1')>O	<img src="" alt="X" />A"onerror=alert('1')>O	A"onerror=alert('1')>O
2	<img src="" alt="X">A"onerror=alert('2')>O	<img src="" alt="X" />A"onerror=alert('2')>O	A"onerror=alert('2')>O
3	<img src="" alt="X">A"onerror=alert('3')>O	<img src="" alt="X" />A"onerror=alert('3')>O	A"onerror=alert('3')>O
4	<img src="" alt="X">A"onerror=alert('4')>O	<img src="" alt="X" />A"onerror=alert('4')>O	A"onerror=alert('4')>O
5	<img src="" alt="X">A"onerror=alert('5')>O	<img src="" alt="X" />A"onerror=alert('5')>O	A"onerror=alert('5')>O
6	<img src="" alt="X">A"onerror=alert('6')>O	<img src="" alt="X" />A"onerror=alert('6')>O	A"onerror=alert('6')>O
7	<img src="" alt="X">A"onerror=alert('7')>O	<img src="" alt="X" />A"onerror=alert('7')>O	A"onerror=alert('7')>O
8	<img src="" alt="X">A"onerror=alert('8')>O	<img src="" alt="X" />A"onerror=alert('8')>O	A"onerror=alert('8')>O
9	<img src="" alt="X ">A"onerror=alert('9')>O	<img src="" alt="X" />A"onerror=alert('9')>O	A"onerror=alert('9')>O
10	<img src="" alt="X ">A"onerror=alert('10')>O	<img src="" alt="X" />A"onerror=alert('10')>O	A"onerror=alert('10')>O
11	<img src="" alt="X">A"onerror=alert('11')>O	<img src="" alt="X" />A"onerror=alert('11')>O	A"onerror=alert('11')>O
12	<img src="" alt="X">A"onerror=alert('12')>O	<img src="" alt="X" />A"onerror=alert('12')>O	A"onerror=alert('12')>O
13	<img src="" alt="X ">A"onerror=alert('13')>O	<img src="" alt="X" />A"onerror=alert('13')>O	A"onerror=alert('13')>O
14	<img src="" alt="X">A"onerror=alert('14')>O	<img src="" alt="X" />A"onerror=alert('14')>O	A"onerror=alert('14')>O
15	<img src="" alt="X">A"onerror=alert('15')>O	<img src="" alt="X" />A"onerror=alert('15')>O	A"onerror=alert('15')>O
16	<img src="" alt="X">A"onerror=alert('16')>O	<img src="" alt="X" />A"onerror=alert('16')>O	A"onerror=alert('16')>O
17	<img src="" alt="X">A"onerror=alert('17')>O	<img src="" alt="X" />A"onerror=alert('17')>O	A"onerror=alert('17')>O
18	<img src="" alt="X">A"onerror=alert('18')>O	<img src="" alt="X" />A"onerror=alert('18')>O	A"onerror=alert('18')>O
19	<img src="" alt="X">A"onerror=alert('19')>O	<img src="" alt="X" />A"onerror=alert('19')>O	A"onerror=alert('19')>O
20	<img src="" alt="X">A"onerror=alert('20')>O	<img src="" alt="X" />A"onerror=alert('20')>O	A"onerror=alert('20')>O
21	<img src="" alt="X">A"onerror=alert('21')>O	<img src="" alt="X" />A"onerror=alert('21')>O	A"onerror=alert('21')>O
22	<img src="" alt="X">A"onerror=alert('22')>O	<img src="" alt="X" />A"onerror=alert('22')>O	A"onerror=alert('22')>O
23	<img src="" alt="X">A"onerror=alert('23')>O	<img src="" alt="X" />A"onerror=alert('23')>O	A"onerror=alert('23')>O
24	<img src="" alt="X">A"onerror=alert('24')>O	<img src="" alt="X" />A"onerror=alert('24')>O	A"onerror=alert('24')>O
25	<img src="" alt="X">A"onerror=alert('25')>O	<img src="" alt="X" />A"onerror=alert('25')>O	A"onerror=alert('25')>O
26	<img src="" alt="X">A"onerror=alert('26')>O	<img src="" alt="X" />A"onerror=alert('26')>O	A"onerror=alert('26')>O
27	<img src="" alt="X">A"onerror=alert('27')>O	<img src="" alt="X" />A"onerror=alert('27')>O	A"onerror=alert('27')>O
28	<img src="" alt="X">A"onerror=alert('28')>O	<img src="" alt="X" />A"onerror=alert('28')>O	A"onerror=alert('28')>O
29	<img src="" alt="X">A"onerror=alert('29')>O	<img src="" alt="X" />A"onerror=alert('29')>O	A"onerror=alert('29')>O
30	<img src="" alt="X">A"onerror=alert('30')>O	<img src="" alt="X" />A"onerror=alert('30')>O	A"onerror=alert('30')>O
31	<img src="" alt="X">A"onerror=alert('31')>O	<img src="" alt="X" />A"onerror=alert('31')>O	A"onerror=alert('31')>O
32	<img src="" alt="X ">A"onerror=alert('32')>O	<img src="" alt="X" />A"onerror=alert('32')>O	A"onerror=alert('32')>O
33	<img src="" alt="X!">A"onerror=alert('33')>O	<img src="" alt="X!" />A"onerror=alert('33')>O	A"onerror=alert('33')>O
34	<img src="" alt="X"">A"onerror=alert('34')>O	<img src="" alt="X" />A"onerror=alert('34')>O	A"onerror=alert('34')>O
35	<img src="" alt="X#">A"onerror=alert('35')>O	<img src="" alt="X#" />A"onerror=alert('35')>O	A"onerror=alert('35')>O
36	<img src="" alt="X$">A"onerror=alert('36')>O	<img src="" alt="X$" />A"onerror=alert('36')>O	A"onerror=alert('36')>O
37	<img src="" alt="X%">A"onerror=alert('37')>O	<img src="" alt="X%" />A"onerror=alert('37')>O	A"onerror=alert('37')>O
38	<img src="" alt="X&">A"onerror=alert('38')>O	<img src="" alt="X&" />A"onerror=alert('38')>O	A"onerror=alert('38')>O
39	<img src="" alt="X'">A"onerror=alert('39')>O	<img src="" alt="X'" />A"onerror=alert('39')>O	A"onerror=alert('39')>O
40	<img src="" alt="X(">A"onerror=alert('40')>O	<img src="" alt="X(" />A"onerror=alert('40')>O	A"onerror=alert('40')>O
41	<img src="" alt="X)">A"onerror=alert('41')>O	<img src="" alt="X)" />A"onerror=alert('41')>O	A"onerror=alert('41')>O
42	<img src="" alt="X*">A"onerror=alert('42')>O	<img src="" alt="X*" />A"onerror=alert('42')>O	A"onerror=alert('42')>O
43	<img src="" alt="X+">A"onerror=alert('43')>O	<img src="" alt="X+" />A"onerror=alert('43')>O	A"onerror=alert('43')>O
44	<img src="" alt="X,">A"onerror=alert('44')>O	<img src="" alt="X," />A"onerror=alert('44')>O	A"onerror=alert('44')>O
45	<img src="" alt="X-">A"onerror=alert('45')>O	<img src="" alt="X-" />A"onerror=alert('45')>O	A"onerror=alert('45')>O
46	<img src="" alt="X.">A"onerror=alert('46')>O	<img src="" alt="X." />A"onerror=alert('46')>O	A"onerror=alert('46')>O
47	<img src="" alt="X/">A"onerror=alert('47')>O	<img src="" alt="X/" />A"onerror=alert('47')>O	A"onerror=alert('47')>O
48	<img src="" alt="X0">A"onerror=alert('48')>O	<img src="" alt="X0" />A"onerror=alert('48')>O	A"onerror=alert('48')>O
49	<img src="" alt="X1">A"onerror=alert('49')>O	<img src="" alt="X1" />A"onerror=alert('49')>O	A"onerror=alert('49')>O
50	<img src="" alt="X2">A"onerror=alert('50')>O	<img src="" alt="X2" />A"onerror=alert('50')>O	A"onerror=alert('50')>O
51	<img src="" alt="X3">A"onerror=alert('51')>O	<img src="" alt="X3" />A"onerror=alert('51')>O	A"onerror=alert('51')>O
52	<img src="" alt="X4">A"onerror=alert('52')>O	<img src="" alt="X4" />A"onerror=alert('52')>O	A"onerror=alert('52')>O
53	<img src="" alt="X5">A"onerror=alert('53')>O	<img src="" alt="X5" />A"onerror=alert('53')>O	A"onerror=alert('53')>O
54	<img src="" alt="X6">A"onerror=alert('54')>O	<img src="" alt="X6" />A"onerror=alert('54')>O	A"onerror=alert('54')>O
55	<img src="" alt="X7">A"onerror=alert('55')>O	<img src="" alt="X7" />A"onerror=alert('55')>O	A"onerror=alert('55')>O
56	<img src="" alt="X8">A"onerror=alert('56')>O	<img src="" alt="X8" />A"onerror=alert('56')>O	A"onerror=alert('56')>O
57	<img src="" alt="X9">A"onerror=alert('57')>O	<img src="" alt="X9" />A"onerror=alert('57')>O	A"onerror=alert('57')>O
58	<img src="" alt="X:">A"onerror=alert('58')>O	<img src="" alt="X:" />A"onerror=alert('58')>O	A"onerror=alert('58')>O
59	<img src="" alt="X;">A"onerror=alert('59')>O	<img src="" alt="X;" />A"onerror=alert('59')>O	A"onerror=alert('59')>O
60	<img src="" alt="X<">A"onerror=alert('60')>O	<img src="" alt="X<" />A"onerror=alert('60')>O	A"onerror=alert('60')>O
61	<img src="" alt="X=">A"onerror=alert('61')>O	<img src="" alt="X=" />A"onerror=alert('61')>O	A"onerror=alert('61')>O
62	<img src="" alt="X>">A"onerror=alert('62')>O	<img src="" alt="X>" />A"onerror=alert('62')>O	A"onerror=alert('62')>O
63	<img src="" alt="X?">A"onerror=alert('63')>O	<img src="" alt="X?" />A"onerror=alert('63')>O	A"onerror=alert('63')>O
64	<img src="" alt="X@">A"onerror=alert('64')>O	<img src="" alt="X@" />A"onerror=alert('64')>O	A"onerror=alert('64')>O
65	<img src="" alt="XA">A"onerror=alert('65')>O	<img src="" alt="XA" />A"onerror=alert('65')>O	A"onerror=alert('65')>O
66	<img src="" alt="XB">A"onerror=alert('66')>O	<img src="" alt="XB" />A"onerror=alert('66')>O	A"onerror=alert('66')>O
67	<img src="" alt="XC">A"onerror=alert('67')>O	<img src="" alt="XC" />A"onerror=alert('67')>O	A"onerror=alert('67')>O
68	<img src="" alt="XD">A"onerror=alert('68')>O	<img src="" alt="XD" />A"onerror=alert('68')>O	A"onerror=alert('68')>O
69	<img src="" alt="XE">A"onerror=alert('69')>O	<img src="" alt="XE" />A"onerror=alert('69')>O	A"onerror=alert('69')>O
70	<img src="" alt="XF">A"onerror=alert('70')>O	<img src="" alt="XF" />A"onerror=alert('70')>O	A"onerror=alert('70')>O
71	<img src="" alt="XG">A"onerror=alert('71')>O	<img src="" alt="XG" />A"onerror=alert('71')>O	A"onerror=alert('71')>O
72	<img src="" alt="XH">A"onerror=alert('72')>O	<img src="" alt="XH" />A"onerror=alert('72')>O	A"onerror=alert('72')>O
73	<img src="" alt="XI">A"onerror=alert('73')>O	<img src="" alt="XI" />A"onerror=alert('73')>O	A"onerror=alert('73')>O
74	<img src="" alt="XJ">A"onerror=alert('74')>O	<img src="" alt="XJ" />A"onerror=alert('74')>O	A"onerror=alert('74')>O
75	<img src="" alt="XK">A"onerror=alert('75')>O	<img src="" alt="XK" />A"onerror=alert('75')>O	A"onerror=alert('75')>O
76	<img src="" alt="XL">A"onerror=alert('76')>O	<img src="" alt="XL" />A"onerror=alert('76')>O	A"onerror=alert('76')>O
77	<img src="" alt="XM">A"onerror=alert('77')>O	<img src="" alt="XM" />A"onerror=alert('77')>O	A"onerror=alert('77')>O
78	<img src="" alt="XN">A"onerror=alert('78')>O	<img src="" alt="XN" />A"onerror=alert('78')>O	A"onerror=alert('78')>O
79	<img src="" alt="XO">A"onerror=alert('79')>O	<img src="" alt="XO" />A"onerror=alert('79')>O	A"onerror=alert('79')>O
80	<img src="" alt="XP">A"onerror=alert('80')>O	<img src="" alt="XP" />A"onerror=alert('80')>O	A"onerror=alert('80')>O
81	<img src="" alt="XQ">A"onerror=alert('81')>O	<img src="" alt="XQ" />A"onerror=alert('81')>O	A"onerror=alert('81')>O
82	<img src="" alt="XR">A"onerror=alert('82')>O	<img src="" alt="XR" />A"onerror=alert('82')>O	A"onerror=alert('82')>O
83	<img src="" alt="XS">A"onerror=alert('83')>O	<img src="" alt="XS" />A"onerror=alert('83')>O	A"onerror=alert('83')>O
84	<img src="" alt="XT">A"onerror=alert('84')>O	<img src="" alt="XT" />A"onerror=alert('84')>O	A"onerror=alert('84')>O
85	<img src="" alt="XU">A"onerror=alert('85')>O	<img src="" alt="XU" />A"onerror=alert('85')>O	A"onerror=alert('85')>O
86	<img src="" alt="XV">A"onerror=alert('86')>O	<img src="" alt="XV" />A"onerror=alert('86')>O	A"onerror=alert('86')>O
87	<img src="" alt="XW">A"onerror=alert('87')>O	<img src="" alt="XW" />A"onerror=alert('87')>O	A"onerror=alert('87')>O
88	<img src="" alt="XX">A"onerror=alert('88')>O	<img src="" alt="XX" />A"onerror=alert('88')>O	A"onerror=alert('88')>O
89	<img src="" alt="XY">A"onerror=alert('89')>O	<img src="" alt="XY" />A"onerror=alert('89')>O	A"onerror=alert('89')>O
90	<img src="" alt="XZ">A"onerror=alert('90')>O	<img src="" alt="XZ" />A"onerror=alert('90')>O	A"onerror=alert('90')>O
91	<img src="" alt="X[">A"onerror=alert('91')>O	<img src="" alt="X[" />A"onerror=alert('91')>O	A"onerror=alert('91')>O
92	<img src="" alt="X\">A"onerror=alert('92')>O	<img src="" alt="X\" />A"onerror=alert('92')>O	$X\$ A"onerror=alert('92')>O
93	<img src="" alt="X]">A"onerror=alert('93')>O	<img src="" alt="X]" />A"onerror=alert('93')>O	A"onerror=alert('93')>O
94	<img src="" alt="X^">A"onerror=alert('94')>O	<img src="" alt="X^" />A"onerror=alert('94')>O	A"onerror=alert('94')>O
95	<img src="" alt="X_">A"onerror=alert('95')>O	<img src="" alt="X_" />A"onerror=alert('95')>O	A"onerror=alert('95')>O
96	<img src="" alt="X`">A"onerror=alert('96')>O	<img src="" alt="X` " />A"onerror=alert('96')>O	A"onerror=alert('96')>O
97	<img src="" alt="Xa">A"onerror=alert('97')>O	<img src="" alt="Xa" />A"onerror=alert('97')>O	A"onerror=alert('97')>O
98	<img src="" alt="Xb">A"onerror=alert('98')>O	<img src="" alt="Xb" />A"onerror=alert('98')>O	A"onerror=alert('98')>O
99	<img src="" alt="Xc">A"onerror=alert('99')>O	<img src="" alt="Xc" />A"onerror=alert('99')>O	A"onerror=alert('99')>O
100	<img src="" alt="Xd">A"onerror=alert('100')>O	<img src="" alt="Xd" />A"onerror=alert('100')>O	A"onerror=alert('100')>O
101	<img src="" alt="Xe">A"onerror=alert('101')>O	<img src="" alt="Xe" />A"onerror=alert('101')>O	A"onerror=alert('101')>O
102	<img src="" alt="Xf">A"onerror=alert('102')>O	<img src="" alt="Xf" />A"onerror=alert('102')>O	A"onerror=alert('102')>O
103	<img src="" alt="Xg">A"onerror=alert('103')>O	<img src="" alt="Xg" />A"onerror=alert('103')>O	A"onerror=alert('103')>O
104	<img src="" alt="Xh">A"onerror=alert('104')>O	<img src="" alt="Xh" />A"onerror=alert('104')>O	A"onerror=alert('104')>O
105	<img src="" alt="Xi">A"onerror=alert('105')>O	<img src="" alt="Xi" />A"onerror=alert('105')>O	A"onerror=alert('105')>O
106	<img src="" alt="Xj">A"onerror=alert('106')>O	<img src="" alt="Xj" />A"onerror=alert('106')>O	A"onerror=alert('106')>O
107	<img src="" alt="Xk">A"onerror=alert('107')>O	<img src="" alt="Xk" />A"onerror=alert('107')>O	A"onerror=alert('107')>O
108	<img src="" alt="Xl">A"onerror=alert('108')>O	<img src="" alt="Xl" />A"onerror=alert('108')>O	A"onerror=alert('108')>O
109	<img src="" alt="Xm">A"onerror=alert('109')>O	<img src="" alt="Xm" />A"onerror=alert('109')>O	A"onerror=alert('109')>O
110	<img src="" alt="Xn">A"onerror=alert('110')>O	<img src="" alt="Xn" />A"onerror=alert('110')>O	A"onerror=alert('110')>O
111	<img src="" alt="Xo">A"onerror=alert('111')>O	<img src="" alt="Xo" />A"onerror=alert('111')>O	A"onerror=alert('111')>O
112	<img src="" alt="Xp">A"onerror=alert('112')>O	<img src="" alt="Xp" />A"onerror=alert('112')>O	A"onerror=alert('112')>O
113	<img src="" alt="Xq">A"onerror=alert('113')>O	<img src="" alt="Xq" />A"onerror=alert('113')>O	A"onerror=alert('113')>O
114	<img src="" alt="Xr">A"onerror=alert('114')>O	<img src="" alt="Xr" />A"onerror=alert('114')>O	A"onerror=alert('114')>O
115	<img src="" alt="Xs">A"onerror=alert('115')>O	<img src="" alt="Xs" />A"onerror=alert('115')>O	A"onerror=alert('115')>O
116	<img src="" alt="Xt">A"onerror=alert('116')>O	<img src="" alt="Xt" />A"onerror=alert('116')>O	A"onerror=alert('116')>O
117	<img src="" alt="Xu">A"onerror=alert('117')>O	<img src="" alt="Xu" />A"onerror=alert('117')>O	A"onerror=alert('117')>O
118	<img src="" alt="Xv">A"onerror=alert('118')>O	<img src="" alt="Xv" />A"onerror=alert('118')>O	A"onerror=alert('118')>O
119	<img src="" alt="Xw">A"onerror=alert('119')>O	<img src="" alt="Xw" />A"onerror=alert('119')>O	A"onerror=alert('119')>O
120	<img src="" alt="Xx">A"onerror=alert('120')>O	<img src="" alt="Xx" />A"onerror=alert('120')>O	A"onerror=alert('120')>O
121	<img src="" alt="Xy">A"onerror=alert('121')>O	<img src="" alt="Xy" />A"onerror=alert('121')>O	A"onerror=alert('121')>O
122	<img src="" alt="Xz">A"onerror=alert('122')>O	<img src="" alt="Xz" />A"onerror=alert('122')>O	A"onerror=alert('122')>O
123	<img src="" alt="X{">A"onerror=alert('123')>O	<img src="" alt="X{" />A"onerror=alert('123')>O	A"onerror=alert('123')>O
124	<img src="" alt="X\|">A"onerror=alert('124')>O	<img src="" alt="X\|" />A"onerror=alert('124')>O	A"onerror=alert('124')>O
125	<img src="" alt="X}">A"onerror=alert('125')>O	<img src="" alt="X}" />A"onerror=alert('125')>O	A"onerror=alert('125')>O
126	<img src="" alt="X~">A"onerror=alert('126')>O	<img src="" alt="X~" />A"onerror=alert('126')>O	A"onerror=alert('126')>O
127	<img src="" alt="X">A"onerror=alert('127')>O	<img src="" alt="X" />A"onerror=alert('127')>O	A"onerror=alert('127')>O
128	<img src="" alt="X">A"onerror=alert('128')>O	<img src="" alt="X" />A"onerror=alert('128')>O	A"onerror=alert('128')>O
129	<img src="" alt="X">A"onerror=alert('129')>O	<img src="" alt="X" />A"onerror=alert('129')>O	A"onerror=alert('129')>O
130	<img src="" alt="X">A"onerror=alert('130')>O	<img src="" alt="X" />A"onerror=alert('130')>O	A"onerror=alert('130')>O
131	<img src="" alt="X">A"onerror=alert('131')>O	<img src="" alt="X" />A"onerror=alert('131')>O	A"onerror=alert('131')>O
132	<img src="" alt="X">A"onerror=alert('132')>O	<img src="" alt="X" />A"onerror=alert('132')>O	A"onerror=alert('132')>O
133	<img src="" alt="X">A"onerror=alert('133')>O	<img src="" alt="X" />A"onerror=alert('133')>O	A"onerror=alert('133')>O
134	<img src="" alt="X">A"onerror=alert('134')>O	<img src="" alt="X" />A"onerror=alert('134')>O	A"onerror=alert('134')>O
135	<img src="" alt="X">A"onerror=alert('135')>O	<img src="" alt="X" />A"onerror=alert('135')>O	A"onerror=alert('135')>O
136	<img src="" alt="X">A"onerror=alert('136')>O	<img src="" alt="X" />A"onerror=alert('136')>O	A"onerror=alert('136')>O
137	<img src="" alt="X">A"onerror=alert('137')>O	<img src="" alt="X" />A"onerror=alert('137')>O	A"onerror=alert('137')>O
138	<img src="" alt="X">A"onerror=alert('138')>O	<img src="" alt="X" />A"onerror=alert('138')>O	A"onerror=alert('138')>O
139	<img src="" alt="X">A"onerror=alert('139')>O	<img src="" alt="X" />A"onerror=alert('139')>O	A"onerror=alert('139')>O
140	<img src="" alt="X">A"onerror=alert('140')>O	<img src="" alt="X" />A"onerror=alert('140')>O	A"onerror=alert('140')>O
141	<img src="" alt="X">A"onerror=alert('141')>O	<img src="" alt="X" />A"onerror=alert('141')>O	A"onerror=alert('141')>O
142	<img src="" alt="X">A"onerror=alert('142')>O	<img src="" alt="X" />A"onerror=alert('142')>O	A"onerror=alert('142')>O
143	<img src="" alt="X">A"onerror=alert('143')>O	<img src="" alt="X" />A"onerror=alert('143')>O	A"onerror=alert('143')>O
144	<img src="" alt="X">A"onerror=alert('144')>O	<img src="" alt="X" />A"onerror=alert('144')>O	A"onerror=alert('144')>O
145	<img src="" alt="X">A"onerror=alert('145')>O	<img src="" alt="X" />A"onerror=alert('145')>O	A"onerror=alert('145')>O
146	<img src="" alt="X">A"onerror=alert('146')>O	<img src="" alt="X" />A"onerror=alert('146')>O	A"onerror=alert('146')>O
147	<img src="" alt="X">A"onerror=alert('147')>O	<img src="" alt="X" />A"onerror=alert('147')>O	A"onerror=alert('147')>O
148	<img src="" alt="X">A"onerror=alert('148')>O	<img src="" alt="X" />A"onerror=alert('148')>O	A"onerror=alert('148')>O
149	<img src="" alt="X">A"onerror=alert('149')>O	<img src="" alt="X" />A"onerror=alert('149')>O	A"onerror=alert('149')>O
150	<img src="" alt="X">A"onerror=alert('150')>O	<img src="" alt="X" />A"onerror=alert('150')>O	A"onerror=alert('150')>O
151	<img src="" alt="X">A"onerror=alert('151')>O	<img src="" alt="X" />A"onerror=alert('151')>O	A"onerror=alert('151')>O
152	<img src="" alt="X">A"onerror=alert('152')>O	<img src="" alt="X" />A"onerror=alert('152')>O	A"onerror=alert('152')>O
153	<img src="" alt="X">A"onerror=alert('153')>O	<img src="" alt="X" />A"onerror=alert('153')>O	A"onerror=alert('153')>O
154	<img src="" alt="X">A"onerror=alert('154')>O	<img src="" alt="X" />A"onerror=alert('154')>O	A"onerror=alert('154')>O
155	<img src="" alt="X">A"onerror=alert('155')>O	<img src="" alt="X" />A"onerror=alert('155')>O	A"onerror=alert('155')>O
156	<img src="" alt="X">A"onerror=alert('156')>O	<img src="" alt="X" />A"onerror=alert('156')>O	A"onerror=alert('156')>O
157	<img src="" alt="X">A"onerror=alert('157')>O	<img src="" alt="X" />A"onerror=alert('157')>O	A"onerror=alert('157')>O
158	<img src="" alt="X">A"onerror=alert('158')>O	<img src="" alt="X" />A"onerror=alert('158')>O	A"onerror=alert('158')>O
159	<img src="" alt="X">A"onerror=alert('159')>O	<img src="" alt="X" />A"onerror=alert('159')>O	A"onerror=alert('159')>O
160	<img src="" alt="X">A"onerror=alert('160')>O	<img src="" alt="X" />A"onerror=alert('160')>O	A"onerror=alert('160')>O
161	<img src="" alt="X">A"onerror=alert('161')>O	<img src="" alt="X" />A"onerror=alert('161')>O	A"onerror=alert('161')>O
162	<img src="" alt="X">A"onerror=alert('162')>O	<img src="" alt="X" />A"onerror=alert('162')>O	A"onerror=alert('162')>O
163	<img src="" alt="X">A"onerror=alert('163')>O	<img src="" alt="X" />A"onerror=alert('163')>O	A"onerror=alert('163')>O
164	<img src="" alt="X">A"onerror=alert('164')>O	<img src="" alt="X" />A"onerror=alert('164')>O	A"onerror=alert('164')>O
165	<img src="" alt="X">A"onerror=alert('165')>O	<img src="" alt="X" />A"onerror=alert('165')>O	A"onerror=alert('165')>O
166	<img src="" alt="X">A"onerror=alert('166')>O	<img src="" alt="X" />A"onerror=alert('166')>O	A"onerror=alert('166')>O
167	<img src="" alt="X">A"onerror=alert('167')>O	<img src="" alt="X" />A"onerror=alert('167')>O	A"onerror=alert('167')>O
168	<img src="" alt="X">A"onerror=alert('168')>O	<img src="" alt="X" />A"onerror=alert('168')>O	A"onerror=alert('168')>O
169	<img src="" alt="X">A"onerror=alert('169')>O	<img src="" alt="X" />A"onerror=alert('169')>O	A"onerror=alert('169')>O
170	<img src="" alt="X">A"onerror=alert('170')>O	<img src="" alt="X" />A"onerror=alert('170')>O	A"onerror=alert('170')>O
171	<img src="" alt="X">A"onerror=alert('171')>O	<img src="" alt="X" />A"onerror=alert('171')>O	A"onerror=alert('171')>O
172	<img src="" alt="X">A"onerror=alert('172')>O	<img src="" alt="X" />A"onerror=alert('172')>O	A"onerror=alert('172')>O
173	<img src="" alt="X">A"onerror=alert('173')>O	<img src="" alt="X" />A"onerror=alert('173')>O	A"onerror=alert('173')>O
174	<img src="" alt="X">A"onerror=alert('174')>O	<img src="" alt="X" />A"onerror=alert('174')>O	A"onerror=alert('174')>O
175	<img src="" alt="X">A"onerror=alert('175')>O	<img src="" alt="X" />A"onerror=alert('175')>O	A"onerror=alert('175')>O
176	<img src="" alt="X">A"onerror=alert('176')>O	<img src="" alt="X" />A"onerror=alert('176')>O	A"onerror=alert('176')>O
177	<img src="" alt="X">A"onerror=alert('177')>O	<img src="" alt="X" />A"onerror=alert('177')>O	A"onerror=alert('177')>O
178	<img src="" alt="X">A"onerror=alert('178')>O	<img src="" alt="X" />A"onerror=alert('178')>O	A"onerror=alert('178')>O
179	<img src="" alt="X">A"onerror=alert('179')>O	<img src="" alt="X" />A"onerror=alert('179')>O	A"onerror=alert('179')>O
180	<img src="" alt="X">A"onerror=alert('180')>O	<img src="" alt="X" />A"onerror=alert('180')>O	A"onerror=alert('180')>O
181	<img src="" alt="X">A"onerror=alert('181')>O	<img src="" alt="X" />A"onerror=alert('181')>O	A"onerror=alert('181')>O
182	<img src="" alt="X">A"onerror=alert('182')>O	<img src="" alt="X" />A"onerror=alert('182')>O	A"onerror=alert('182')>O
183	<img src="" alt="X">A"onerror=alert('183')>O	<img src="" alt="X" />A"onerror=alert('183')>O	A"onerror=alert('183')>O
184	<img src="" alt="X">A"onerror=alert('184')>O	<img src="" alt="X" />A"onerror=alert('184')>O	A"onerror=alert('184')>O
185	<img src="" alt="X">A"onerror=alert('185')>O	<img src="" alt="X" />A"onerror=alert('185')>O	A"onerror=alert('185')>O
186	<img src="" alt="X">A"onerror=alert('186')>O	<img src="" alt="X" />A"onerror=alert('186')>O	A"onerror=alert('186')>O
187	<img src="" alt="X">A"onerror=alert('187')>O	<img src="" alt="X" />A"onerror=alert('187')>O	A"onerror=alert('187')>O
188	<img src="" alt="X">A"onerror=alert('188')>O	<img src="" alt="X" />A"onerror=alert('188')>O	A"onerror=alert('188')>O
189	<img src="" alt="X">A"onerror=alert('189')>O	<img src="" alt="X" />A"onerror=alert('189')>O	A"onerror=alert('189')>O
190	<img src="" alt="X">A"onerror=alert('190')>O	<img src="" alt="X" />A"onerror=alert('190')>O	A"onerror=alert('190')>O
191	<img src="" alt="X">A"onerror=alert('191')>O	<img src="" alt="X" />A"onerror=alert('191')>O	A"onerror=alert('191')>O
192	<img src="" alt="X>A"onerror=alert('192')>O	<img src="" alt="X>A" />O	O
193	<img src="" alt="X>A"onerror=alert('193')>O	<img src="" alt="X>A" />O	O
194	<img src="" alt="X>A"onerror=alert('194')>O	<img src="" alt="X>A" />O	O
195	<img src="" alt="X>A"onerror=alert('195')>O	<img src="" alt="X>A" />O	O
196	<img src="" alt="X>A"onerror=alert('196')>O	<img src="" alt="X>A" />O	O
197	<img src="" alt="X>A"onerror=alert('197')>O	<img src="" alt="X>A" />O	O
198	<img src="" alt="X>A"onerror=alert('198')>O	<img src="" alt="X>A" />O	O
199	<img src="" alt="X>A"onerror=alert('199')>O	<img src="" alt="X>A" />O	O
200	<img src="" alt="X>A"onerror=alert('200')>O	<img src="" alt="X>A" />O	O
201	<img src="" alt="X>A"onerror=alert('201')>O	<img src="" alt="X>A" />O	O
202	<img src="" alt="X>A"onerror=alert('202')>O	<img src="" alt="X>A" />O	O
203	<img src="" alt="X>A"onerror=alert('203')>O	<img src="" alt="X>A" />O	O
204	<img src="" alt="X>A"onerror=alert('204')>O	<img src="" alt="X>A" />O	O
205	<img src="" alt="X>A"onerror=alert('205')>O	<img src="" alt="X>A" />O	O
206	<img src="" alt="X>A"onerror=alert('206')>O	<img src="" alt="X>A" />O	O
207	<img src="" alt="X>A"onerror=alert('207')>O	<img src="" alt="X>A" />O	O
208	<img src="" alt="X>A"onerror=alert('208')>O	<img src="" alt="X>A" />O	O
209	<img src="" alt="X>A"onerror=alert('209')>O	<img src="" alt="X>A" />O	O
210	<img src="" alt="X>A"onerror=alert('210')>O	<img src="" alt="X>A" />O	O
211	<img src="" alt="X>A"onerror=alert('211')>O	<img src="" alt="X>A" />O	O
212	<img src="" alt="X>A"onerror=alert('212')>O	<img src="" alt="X>A" />O	O
213	<img src="" alt="X>A"onerror=alert('213')>O	<img src="" alt="X>A" />O	O
214	<img src="" alt="X>A"onerror=alert('214')>O	<img src="" alt="X>A" />O	O
215	<img src="" alt="X>A"onerror=alert('215')>O	<img src="" alt="X>A" />O	O
216	<img src="" alt="X>A"onerror=alert('216')>O	<img src="" alt="X>A" />O	O
217	<img src="" alt="X>A"onerror=alert('217')>O	<img src="" alt="X>A" />O	O
218	<img src="" alt="X>A"onerror=alert('218')>O	<img src="" alt="X>A" />O	O
219	<img src="" alt="X>A"onerror=alert('219')>O	<img src="" alt="X>A" />O	O
220	<img src="" alt="X>A"onerror=alert('220')>O	<img src="" alt="X>A" />O	O
221	<img src="" alt="X>A"onerror=alert('221')>O	<img src="" alt="X>A" />O	O
222	<img src="" alt="X>A"onerror=alert('222')>O	<img src="" alt="X>A" />O	O
223	<img src="" alt="X>A"onerror=alert('223')>O	<img src="" alt="X>A" />O	O
224	<img src="" alt="X>A"onerror=alert('224')>O	<img src="" alt="X>A" />O	O
225	<img src="" alt="X>A"onerror=alert('225')>O	<img src="" alt="X>A" />O	O
226	<img src="" alt="X>A"onerror=alert('226')>O	<img src="" alt="X>A" />O	O
227	<img src="" alt="X>A"onerror=alert('227')>O	<img src="" alt="X>A" />O	O
228	<img src="" alt="X>A"onerror=alert('228')>O	<img src="" alt="X>A" />O	O
229	<img src="" alt="X>A"onerror=alert('229')>O	<img src="" alt="X>A" />O	O
230	<img src="" alt="X>A"onerror=alert('230')>O	<img src="" alt="X>A" />O	O
231	<img src="" alt="X>A"onerror=alert('231')>O	<img src="" alt="X>A" />O	O
232	<img src="" alt="X>A"onerror=alert('232')>O	<img src="" alt="X>A" />O	O
233	<img src="" alt="X>A"onerror=alert('233')>O	<img src="" alt="X>A" />O	O
234	<img src="" alt="X>A"onerror=alert('234')>O	<img src="" alt="X>A" />O	O
235	<img src="" alt="X>A"onerror=alert('235')>O	<img src="" alt="X>A" />O	O
236	<img src="" alt="X>A"onerror=alert('236')>O	<img src="" alt="X>A" />O	O
237	<img src="" alt="X>A"onerror=alert('237')>O	<img src="" alt="X>A" />O	O
238	<img src="" alt="X>A"onerror=alert('238')>O	<img src="" alt="X>A" />O	O
239	<img src="" alt="X>A"onerror=alert('239')>O	<img src="" alt="X>A" />O	O
240	<img src="" alt="X>A"onerror=alert('240')>O	<img src="" alt="X>A" />O	O
241	<img src="" alt="X>A"onerror=alert('241')>O	<img src="" alt="X>A" />O	O
242	<img src="" alt="X>A"onerror=alert('242')>O	<img src="" alt="X>A" />O	O
243	<img src="" alt="X>A"onerror=alert('243')>O	<img src="" alt="X>A" />O	O
244	<img src="" alt="X>A"onerror=alert('244')>O	<img src="" alt="X>A" />O	O
245	<img src="" alt="X>A"onerror=alert('245')>O	<img src="" alt="X>A" />O	O
246	<img src="" alt="X>A"onerror=alert('246')>O	<img src="" alt="X>A" />O	O
247	<img src="" alt="X>A"onerror=alert('247')>O	<img src="" alt="X>A" />O	O
248	<img src="" alt="X>A"onerror=alert('248')>O	<img src="" alt="X>A" />O	O
249	<img src="" alt="X>A"onerror=alert('249')>O	<img src="" alt="X>A" />O	O
250	<img src="" alt="X>A"onerror=alert('250')>O	<img src="" alt="X>A" />O	O
251	<img src="" alt="X>A"onerror=alert('251')>O	<img src="" alt="X>A" />O	O
252	<img src="" alt="X>A"onerror=alert('252')>O	<img src="" alt="X>A" />O	O
253	<img src="" alt="X>A"onerror=alert('253')>O	<img src="" alt="X>A" />O	O
254	<img src="" alt="X">A"onerror=alert('254')>O	<img src="" alt="X" />A"onerror=alert('254')>O	A"onerror=alert('254')>O
255	<img src="" alt="X">A"onerror=alert('255')>O	<img src="" alt="X" />A"onerror=alert('255')>O	A"onerror=alert('255')>O

Analysis

By making sure that UTF-8 is well formed and non-SGML codepoints are removed, as well as escaping quotes outside of tags, this is a non-threat.