XSS vectors that execute automatically inside svg
This vector shows which events fire without user interaction inside a SVG tag
Created by: Gareth Heyes
Created on: 4/17/2024, 6:20:49 PM
Updated on: 5/18/2024, 9:37:12 AM
Vector type: XSS
Template used:
<svg><$[data1] src=1 srcdoc=1 href=1 href=1 $[data2]="log('$[data1]->$[data2]')"></$[data1]></svg>
<svg><$[data1] $[data2]="log('$[data1]->$[data2]')"></$[data1]></svg>
Your browser was detected as:
Detecting... Detecting...
Fuzz results:
Safari 17.4.1
Results
Found 1
| Data |
|---|
| img->onerror |
Chrome 124.0.0.0
Results
Found 1
| Data |
|---|
| img->onerror |