Featured vector

IE 11.0
<!-- sample vector --> <img src="xx:xx0x22onerror=alert(1)>

Fuzz vector cloud

3,344,426 Successful fuzzes

Fuzz Vectors

Searching for "handler"

Your browser identified as

General Crawlers unknown

All vectors

Description Vector Created by
Valid characters in on____ event handler attributes <img src on*chr*error=logChr(*num*)> @Lamp_Sec
Characters allowed between event handlers and equal sign <img src="about:blank" onerror*chr*=logChr(*num*)> @peksa
HTML input image tag attributes that run JavaScript <input *datahtmlattributes*="customLog('*datahtmlattributes*')" type="image" src="about:blank"> @peksa
HTML input tag attributes that run JavaScript <input *datahtmlattributes*="customLog('*datahtmlattributes*')" type="text"> @peksa
Characters that dont inhibit eventhandlers <img src=xx:xx o*chr*nerror=logChr(*num*)> @tifkin_
html dataentities before event handler <img src="x" asdf/="_=" alt=" *dataentities*onerror=logChr(*num*) //"> @testacc40590139
Determine what character can be at the end of the javascript but before the colon <!-- sample vector --> <img src=xx:xx *chr*onerror=logChr(*num*)> <a href=javascript*chr*:alert(*num*)>*num*</a> @MisterJyu
Characters ignored in html event handler name <img src=x on*chr*Error="javascript:log(*num*)"/> @mhswende