HTML elements that parse differently when rendered
This shows which elements change in the DOM when nested.
Created by: Gareth Heyes
Created on: 4/19/2024, 11:30:14 AM
Updated on: 5/17/2024, 3:47:54 AM
Vector type: XSS
Template used:
<$[data1] id=x><$[data1]></$[data1]></$[data1]>
Code used after fuzz:
const element = document.getElementById('x');
if(element && !element.querySelector('$[data1]')) {
log('$[data1]');
}
Your browser was detected as:
Detecting... Detecting...
Fuzz results:
Firefox 125.0
Results
Found 35
| Data |
|---|
| a |
| Data |
|---|
| area |
| Data |
|---|
| base |
| Data |
|---|
| br |
| Data |
|---|
| button |
| Data |
|---|
| dd |
| Data |
|---|
| dt |
| Data |
|---|
| embed |
| Data |
|---|
| form |
| Data |
|---|
| h1 |
| Data |
|---|
| hr |
| Data |
|---|
| iframe |
| Data |
|---|
| img |
| Data |
|---|
| input |
| Data |
|---|
| li |
| Data |
|---|
| link |
| Data |
|---|
| meta |
| Data |
|---|
| nobr |
| Data |
|---|
| noembed |
| Data |
|---|
| noframes |
| Data |
|---|
| noscript |
| Data |
|---|
| option |
| Data |
|---|
| p |
| Data |
|---|
| param |
| Data |
|---|
| script |
| Data |
|---|
| select |
| Data |
|---|
| source |
| Data |
|---|
| style |
| Data |
|---|
| table |
| Data |
|---|
| template |
| Data |
|---|
| textarea |
| Data |
|---|
| title |
| Data |
|---|
| track |
| Data |
|---|
| wbr |
| Data |
|---|
| xmp |
Safari 17.4.1
Results
Found 34
| Data |
|---|
| a |
| Data |
|---|
| area |
| Data |
|---|
| base |
| Data |
|---|
| br |
| Data |
|---|
| dd |
| Data |
|---|
| dt |
| Data |
|---|
| embed |
| Data |
|---|
| form |
| Data |
|---|
| h1 |
| Data |
|---|
| hr |
| Data |
|---|
| iframe |
| Data |
|---|
| img |
| Data |
|---|
| input |
| Data |
|---|
| li |
| Data |
|---|
| link |
| Data |
|---|
| meta |
| Data |
|---|
| nobr |
| Data |
|---|
| noembed |
| Data |
|---|
| noframes |
| Data |
|---|
| noscript |
| Data |
|---|
| option |
| Data |
|---|
| p |
| Data |
|---|
| param |
| Data |
|---|
| script |
| Data |
|---|
| select |
| Data |
|---|
| source |
| Data |
|---|
| style |
| Data |
|---|
| table |
| Data |
|---|
| template |
| Data |
|---|
| textarea |
| Data |
|---|
| title |
| Data |
|---|
| track |
| Data |
|---|
| wbr |
| Data |
|---|
| xmp |
Chrome 124.0.0.0
Results
Found 34
| Data |
|---|
| a |
| Data |
|---|
| area |
| Data |
|---|
| base |
| Data |
|---|
| br |
| Data |
|---|
| dd |
| Data |
|---|
| dt |
| Data |
|---|
| embed |
| Data |
|---|
| form |
| Data |
|---|
| h1 |
| Data |
|---|
| hr |
| Data |
|---|
| iframe |
| Data |
|---|
| img |
| Data |
|---|
| input |
| Data |
|---|
| li |
| Data |
|---|
| link |
| Data |
|---|
| meta |
| Data |
|---|
| nobr |
| Data |
|---|
| noembed |
| Data |
|---|
| noframes |
| Data |
|---|
| noscript |
| Data |
|---|
| option |
| Data |
|---|
| p |
| Data |
|---|
| param |
| Data |
|---|
| script |
| Data |
|---|
| select |
| Data |
|---|
| source |
| Data |
|---|
| style |
| Data |
|---|
| table |
| Data |
|---|
| template |
| Data |
|---|
| textarea |
| Data |
|---|
| title |
| Data |
|---|
| track |
| Data |
|---|
| wbr |
| Data |
|---|
| xmp |