Cross-site scripting cheat sheet

This cross-site scripting (XSS) cheat sheet contains many vectors that can help you bypass WAFs and filters. You can select vectors by the event, tag or browser and a proof of concept is included for every vector.

You can download a PDF version of the XSS cheat sheet.
This cheat sheet was brought to by PortSwigger Research.
This cheat sheet is regularly updated.