Any better ways comment below.
#documentwrite() #innerHTML #DOMXSS
Using document.write() after a document is loaded, deletes all existing HTML
The innerHTML sink doesn't accept script elements on any modern browser, nor will svg onload events fire. This means you will need to use alternative elements like img or iframe. Event handlers such as onload and onerror can be used in conjunction with these elements
