The XSSDB is a collection of example "attacks" to illustrate various types of cross-site scripting (XSS) vulnerabilities. It is similar in purpose to RSnake's "Cross-Site Scripting Cheat Sheet" (http://ha.ckers.org/xss.html), which is probably more useful for a human audience.


All files were exported from dabbleDB on May 18, 2011.


Here is a viewer that should work in modern browsers (I tested FF 6 and Chrome 13): Viewer


The XSSDB is a GNU Citizen project from several years back (http://www.gnucitizen.org/blog/xssdb/).

While the project became idle over time, the underlying data lived on within the "dabbleDB" web database (http://www.dabbledb.com/) and was exportable in several formats until May 18 of 2011.

I used the jsonp format for a personal project I was working on. So, when dabbleDB shut down, this became a problem.

Prior to the dabbleDB shutdown, I exported the data in the various formats.

As described in the DabbleDB page associated with the XSSDB, this content is licensed under the Creative Commons Attribution 2.5 License.


All XSSDB examples were developed by the author listed for each example.


I can be reached at dan@xssdb.net for anything related to this website. If you have specific new examples you'd like included, it would probably be better to discuss them on sla.ckers.org and then send me a link to the discussion than to send them to me directly.


My thanks and gratitude to GNU Citizen and Petko D. Petkov (pdp) for compiling this information, as well as to the numerous creative and expert authors who originally contributed these techniques.

- Dan Anderson, Sept 18, 2011